TLDR
- An attacker minted 1 billion bridged DOT tokens on Ethereum using a forged message
- The stolen tokens were dumped in one transaction, netting around 108.2 ETH (~$237,000)
- The exploit targeted the Hyperbridge gateway contract on Ethereum
- Polkadot’s native relay chain and real DOT token were not affected
- Limited token liquidity kept actual market damage relatively contained
An attacker exploited a vulnerability in the Hyperbridge gateway contract on Ethereum, minting 1 billion bridged Polkadot tokens without authorization.
Blockchain security firm CertiK flagged the incident. According to the firm, the attacker used a forged message to take control of the admin role in the bridged DOT token contract on Ethereum.
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
With that admin access, the attacker minted 1 billion tokens in a single action.
Onchain tracker Lookonchain reported that the entire 1 billion token supply was then dumped in one transaction.
Polkadot(@Polkadot) has been exploited. 🚨
The attacker minted 1B $DOT and dumped it all in a single transaction for 108.2 $ETH($237K).https://t.co/4pStYrGb8y pic.twitter.com/wRplAWNnBg
— Lookonchain (@lookonchain) April 13, 2026
The attacker received 108.2 ETH for the sale, worth roughly $237,000 at the time.
That relatively low return reflects the limited liquidity of the bridged token on Ethereum.
Because so few people held or traded the bridged version, there wasn’t enough market depth to absorb a billion tokens at full price.
What Was and Wasn’t Affected
The exploit did not touch Polkadot’s native relay chain. The real DOT token on the Polkadot network was unaffected.
Only the wrapped, or bridged, version of DOT on Ethereum was targeted.
Bridged tokens are representations of an asset on a different blockchain. They depend on smart contracts to maintain their peg and security.
The Hyperbridge protocol is designed to connect different blockchains. A vulnerability in its gateway contract appears to have been the entry point for this attack.
Response and Investigation
Neither Polkadot nor Hyperbridge had issued an official statement at the time of reporting.
The exact attack route has not been fully confirmed. Further investigation is ongoing.
Crypto hacks involving bridges and cross-chain infrastructure have been a recurring issue across the industry.
In this case, the financial damage was limited compared to other bridge exploits, where attackers have walked away with hundreds of millions of dollars.
CertiK’s analysis pointed to the forged message as the method used to manipulate the admin role, but a full post-mortem has not been released.
The most recent data confirms the attacker’s wallet received 108.2 ETH from the token dump, and no further exploit activity had been reported as of the time of writing.
