Attacker Mints $1B Worth of Polkadot Tokens on Ethereum but Only Steals $237K

A security breach in Hyperbridge’s Ethereum gateway contract allowed an attacker to mint 1 billion bridged Polkadot (DOT) tokens on Ethereum, later converting them into roughly $237,000 worth of ether. The exploit did not impact the Polkadot main network or native DOT supply, but targeted the bridge’s flawed cross-chain validation logic.

Security analysis shows the attacker submitted a forged cross-chain message through the dispatchIncoming function, which was incorrectly accepted by the EthereumHost contract. The request passed through to TokenGateway.onAccept, where a missing or bypassed state proof check allowed execution. The system processed an invalid request receipts validation, enabling unauthorized actions.

Admin Privileges Misused to Mint Unlimited Tokens

The malicious message triggered a changeAdmin function, granting the attacker full control of the bridged DOT contract on Ethereum. With admin access, they minted 1 billion tokens in a single transaction and routed funds through Odos Router V3, later swapping them on a Uniswap V4 DOT-ETH pool.

Blockchain security firm CertiK reported the exploit;

Liquidity Constraints Reduced Profit Impact

Despite the massive token mint, profits were limited due to low liquidity in the Ethereum DOT pool, which collapsed token value during dumping. The attacker extracted about 108.2 ETH across multiple trades, equal to roughly $237,000. Security firm analysis confirmed the exploit path and highlighted bridge vulnerabilities as a continued risk in cross-chain systems, where validation failures can enable unlimited token issuance.

Disclaimer

This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.