A crypto hacker minted 1 billion bridged Polkadot (DOT) tokens on Ethereum through a Hyperbridge exploit on April 13, 2026, but limited liquidity in the bridged token pool meant the attacker could only extract roughly $237,000 in actual proceeds.
The attack targeted Hyperbridge’s Ethereum-side token path, minting 1,000,000,000 bridged DOT from the zero address to wallet 0x31a165a956842ab783098641db25c7a9067ca9ab. The exploit transaction, hash 0x240aeb9a, executed at 03:55:23 UTC.
Despite the nominal $1.1 billion face value of the minted tokens, the attacker swapped the forged bridged DOT for just 108.206143512481490001 ETH. At current prices, that output was worth approximately $237,000.
The exploit involved Hyperbridge’s documented Ethereum-side contracts: HandlerV1 at 0x6C84eDd2A018b1fe2Fc93a56066B5C60dA4E6D64 and TokenGateway at 0xFd413e3AFe560182C4471F4d143A96d3e259B6dE. The bridged DOT token contract on Ethereum sits at 0x8d010bf9c26881788b4e6bf5fd1bdc358c8f90b8.
ON-CHAIN DATA
The gap between the minted face value and the realized cash-out comes down to liquidity. Bridged DOT on Ethereum is a wrapped representation, not the native Polkadot token. The Uniswap V4 pool for this bridged asset held limited reserves.
When the attacker dumped 1 billion tokens into a thin pool, the price collapsed almost instantly. The pool could only absorb enough sell pressure to return roughly 108 ETH before the bridged DOT price hit near-zero within the pool.
This dynamic is common in bridge exploits. Minting an arbitrarily large supply of a bridged token does not create new value; it only lets the attacker drain whatever real assets (in this case ETH) sit on the other side of the liquidity pair. The actual damage is measured by what leaves the pool, not by the notional value of the forged tokens.
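The bound described above can be checked with a simplified constant-product (x*y=k) pool model. This is an added illustration, not code from the article or from Hyperbridge; the pool reserves, the 0.3% fee and the function names are constructed assumptions, and Uniswap V4's concentrated liquidity is not modelled.

```python
from decimal import Decimal, getcontext

getcontext().prec = 60  # enough digits for 1e9-token swaps against tiny prices

FEE = Decimal("0.003")  # assumed 0.3% swap fee (constructed, not from the article)


def swap_out(reserve_token, reserve_eth, amount_in, fee=FEE):
    """ETH paid out for selling amount_in tokens into an x*y=k pool."""
    effective_in = Decimal(amount_in) * (1 - fee)
    return Decimal(reserve_eth) * effective_in / (Decimal(reserve_token) + effective_in)


def dump_report(reserve_token, reserve_eth, minted, fee=FEE):
    """Model selling `minted` forged tokens into the pool in one swap."""
    eth_out = swap_out(reserve_token, reserve_eth, minted, fee)
    price_before = Decimal(reserve_eth) / Decimal(reserve_token)
    # Pool state after the swap: tokens pile up, ETH is almost gone.
    price_after = (Decimal(reserve_eth) - eth_out) / (Decimal(reserve_token) + Decimal(minted))
    return {
        "eth_out": eth_out,                                    # what actually leaves the pool
        "share_of_eth_drained": eth_out / Decimal(reserve_eth),
        "price_collapse": price_after / price_before,          # post-swap price / pre-swap price
    }


# Constructed pool: 250,000 bridged tokens against 110 ETH (not the real reserves).
POOL_TOKEN, POOL_ETH = 250_000, 110

if __name__ == "__main__":
    # Output approaches the ETH reserve and never exceeds it, however much is minted.
    for minted in (10_000, 1_000_000, 1_000_000_000, 2_000_000_000):
        r = dump_report(POOL_TOKEN, POOL_ETH, minted)
        print(f"{minted:>13,} tokens in -> {r['eth_out']:.4f} ETH out, "
              f"{r['share_of_eth_drained']:.2%} of ETH drained, "
              f"price x{r['price_collapse']:.2e}")
```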
According to unconfirmed secondary reporting of Blocksec Falcon’s analysis, the root cause may have been an MMR proof replay vulnerability caused by missing proof-to-request binding. No official Hyperbridge postmortem has been published as of press time.
The exploit only affected DOT bridged through Hyperbridge on Ethereum. Native DOT on the Polkadot network and the broader Polkadot ecosystem remained unaffected.
Still, DOT spot price slipped to $1.18, down roughly 4.4% over 24 hours, with market cap sitting at approximately $1.97 billion and 24-hour trading volume near $271.6 million. The broader market backdrop is already fragile, with the Crypto Fear & Greed Index at 12, deep in “Extreme Fear” territory.
According to unconfirmed reports, South Korean exchanges Bithumb and Upbit suspended DOT-related deposits and withdrawals in response to the incident. Official exchange notices could not be independently verified at the time of publication.
Bridge exploits have historically been among the most damaging attack vectors in crypto. This incident adds to a growing list of cases where Ethereum-side bridge contracts served as the point of failure, even when the native chain’s security remained intact.
The key trust boundary that failed here was between Hyperbridge’s HandlerV1 and TokenGateway contracts on Ethereum and the bridged token representation they control. Most competitor coverage of this story stops at the headline contrast between the minted amount and the cash-out. The more instructive detail is the specific contract infrastructure that allowed a forged mint to pass validation.
For traders holding bridged assets on Ethereum, the incident is a reminder that cross-chain infrastructure carries distinct risks from the native tokens it represents. Holders of native DOT on Polkadot were not exposed, but anyone providing liquidity to the Ethereum-side bridged DOT pool absorbed the losses.
As institutional interest in digital assets grows, bridge security audits and liquidity depth in wrapped-token pools are likely to receive closer attention from both users and protocol teams. Whether Hyperbridge publishes a formal root-cause analysis and patches the affected contract path will be the next development to watch.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.
The article Crypto Hacker Mints $1.1B in Polkadot, Cashes Out $237K first featured on theccpress.com.