Crypto protocol CrossCurve has confirmed that its cross-chain bridge was targeted in a smart contract attack, resulting in the reported loss of approximately $3 million across multiple blockchain networks. The incident prompted the protocol to urge users to immediately pause all interactions while an internal investigation is underway.
According to the project’s statement, the breach involved the exploitation of a vulnerability within one of the smart contracts supporting the bridge’s cross-chain operations. The flaw reportedly allowed unauthorized actors to bypass validation mechanisms and unlock tokens without proper authorization.
How the CrossCurve Exploit Occurred
Blockchain security researchers indicated that a specific contract function enabled attackers to spoof cross-chain messages. By doing so, the attacker was able to trigger token unlocks on the bridge infrastructure without passing through standard gateway checks. This weakness was reportedly exploited on several networks, amplifying the scale of the losses.
Partner Protocols Warn Users
Following the incident, a major decentralized finance partner associated with CrossCurve advised users who had exposure through liquidity pools to reassess their positions and consider withdrawing or adjusting governance votes. The advisory emphasized the importance of risk management when interacting with third-party protocols.
In response to the attack, CrossCurve’s leadership publicly shared wallet addresses linked to the exploit and offered a bounty of up to 10% for the return of funds within 72 hours. The team stated that failure to cooperate could result in legal action, including coordination with law enforcement and asset-freezing efforts.
The investigation remains ongoing as the protocol works to assess the full impact and prevent further losses.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.