Close Menu
    Home / Contact
    Zuna
    Crime

    Verus-Ethereum Bridge Exploit Drains $11.6M as Attackers Swap Funds to ETH

    Verus-Ethereum bridge lost $11.6M after an exploit drained tBTC, ETH and USDC, with funds swapped into 5,402 ETH.
    Kelvin MuneneBy 4 Mins Read
    Set as Google Preferred SourceFollow on Google News

    TLDR

    • The Verus-Ethereum bridge was exploited for about $11.6M in crypto assets.
    • PeckShield said the stolen assets included 103.6 tBTC, 1,625 ETH and 147,000 USDC.
    • The attacker swapped the stolen assets into about 5,402 ETH.
    • Security firms pointed to a possible cross-chain message validation flaw.
    • The Verus network halted as developers investigated the attack.

    The Verus-Ethereum bridge has suffered an ongoing exploit that drained about $11.6 million in crypto assets, according to blockchain security firms monitoring the incident.

    Onchain security platform Blockaid said the attack was detected late Sunday and identified the attacker wallet as 0x5aBb…D5777. The stolen funds were moved to another wallet labeled 0x65C…C25F9, according to the firm.

    PeckShield reported that the bridge lost 103.6 tBTC, 1,625 ETH and 147,000 USDC. The attacker later swapped the assets into about 5,402 ETH, worth roughly $11.4 million to $11.6 million at the time of reporting.

    The Verus team said in its Discord channel that the Verus network had halted after most block-generating nodes took themselves offline while responding to byproducts of the attack. Developers are investigating how the exploit was carried out and what steps should follow.

    Security Firms Point to Bridge Validation Flaw

    Early analysis from several security firms suggested the exploit may have involved a weakness in cross-chain message validation rather than a traditional private key compromise.

    GoPlus Security said the attacker appeared to send a low-value transaction to the bridge contract before calling a function that caused reserve assets to be batch-transferred to the attacker’s wallet.

    Zuna

    The firm said the incident was likely tied to cross-chain message validation failure, withdrawal logic bypass or access control weakness.

    Blockaid later offered a more specific explanation, saying the issue appeared to involve missing source-amount validation in a bridge verification function. The firm said the exploit was not an ECDSA bypass, not a notary key compromise and not a parser or hash-binding bug.

    ExVul also said the attacker used a forged cross-chain import payload that passed the bridge’s verification process. According to the firm, the exploit triggered multiple transfers from bridge reserves into a wallet controlled by the attacker.

    Attacker Wallet Funded Through Tornado Cash

    PeckShield said the attacker wallet was initially funded with 1 ETH through Tornado Cash about 14 hours before the exploit. Tornado Cash has often appeared in DeFi attack investigations because it can obscure the source of funds used to initiate onchain activity.

    At the time of the security alerts, the stolen funds had been converted into ETH. Security researchers continued to track the wallet for further movement.

    The Verus-Ethereum bridge was launched in October 2023 to allow users to move and convert assets between the Verus network and Ethereum. Verus itself launched in 2018 and uses a hybrid proof-of-power model combining proof-of-work and proof-of-stake components.

    The protocol is described as privacy-oriented and has marketed its bridge as a way to support cross-chain liquidity between Verus and Ethereum-based assets.

    The latest exploit has drawn attention because bridges often hold reserve assets that back tokens or transfers across networks. A weakness in verification logic can allow attackers to unlock assets on one side of a bridge without providing valid backing on the other side.

    DeFi Bridge Security Faces Renewed Scrutiny

    The Verus incident adds to a series of bridge and interoperability exploits reported across decentralized finance in 2026.

    Security reports cited earlier this year said hackers stole more than $168 million from dozens of DeFi protocols in the first quarter. April brought several larger cases, including the reported $292 million Kelp DAO bridge exploit and a major Drift Protocol breach.

    Over the weekend, THORChain also confirmed a separate exploit valued near $10 million, adding more attention to cross-chain liquidity systems.

    Bridge infrastructure remains one of the most closely watched parts of the crypto market because it links assets across chains and often controls large pools of liquidity. Security firms have urged protocols to improve payload validation, add layered verification, apply rate limits and use emergency pause mechanisms for unusual withdrawals.

    The Verus team has not yet released a full public post-mortem. Further details are expected once developers complete their review of the exploit path and determine whether user funds can be recovered.

    Kelvin Munene is a crypto and finance journalist with over 5 years of experience in market analysis and expert commentary. He holds a Bachelor's degree in Journalism and Actuarial Science from Mount Kenya University and is known for meticulous research in cryptocurrency, blockchain, and financial markets. His work has been featured in top publications including Coingape, Cryptobasic, MetaNews, Coinedition, and Analytics Insight. Kelvin specializes in uncovering emerging crypto trends and delivering data-driven analyses to help readers make informed decisions. Outside of work, he enjoys chess, traveling, and exploring new adventures.

    Related Posts

    ZunaBet New Crypto Casino: 250% Bonus & 75 Free Casino Spins, Claim!