TL;DR
- Hyperbridge revised losses from its April 13 Token Gateway exploit to about $2.5 million, up from an initial $237,000 estimate after reconciliation.
- The attack included a 245 ETH extraction and, about an hour later, forged cross-chain messages that enabled 1 billion bridged DOT to be minted.
- Funds were traced to a Binance deposit address, bridging remains paused, and any residual shortfall may be covered through structured BRIDGE token compensation.
Hyperbridge has sharply increased the estimated damage from its Token Gateway exploit, revising the loss to about $2.5 million after a fuller review across multiple chains. What looked like a contained incident has turned into a broader accounting of drained liquidity, forged messages, and overlooked exposure. The protocol had put the realized loss at $237,000 after the April 13 attack. That figure, however, captured the sell-off on Ethereum and missed both an earlier extraction and the wider impact on connected pools.
The new assessment changes the story because it shows the exploit was not a single burst of opportunistic dumping, but a two-stage breach that spread further than first understood. Hyperbridge now says the attack began with the extraction of roughly 245 ETH from a related TokenGateway contract before escalating into a larger forged-messaging event. About an hour later, a malicious cross-chain message bypassed Merkle Mountain Range proof verification, allowing the attacker to mint 1 billion bridged DOT and dump the tokens into thin liquidity. Ethereum, Base, Arbitrum, and BNB Chain were all affected once the full activity was reconciled.
The Postmortem Shifted the Focus to Recovery
That revised picture matters because the higher number did not come only from visible token sales. The updated loss estimate also folds in the two-phase nature of the exploit and damage to associated incentive pools, giving the review a more serious tone than the first public disclosure. Hyperbridge said the stolen funds have been traced to a deposit address on Binance and that it is working with the exchangeās compliance team and law enforcement in an effort to freeze and recover assets. Even so, the team warned that meaningful recovery in cases like this can take months and may stretch to a year.
The protocol is now trying to reassure users without pretending the road back will be short. Bridging on the four affected blockchains remains paused, and operations will resume only after a patch is deployed and audited. If recovery efforts fail to make affected users whole, Hyperbridge says it plans to use a structured BRIDGE token allocation to cover residual losses. The token was recently trading at $0.006, with a market capitalization near $858,000, leaving the compensation backstop looking smaller than the exploit it may need to address.
