Hyperbridge, a cross-chain interoperability protocol built on Polkadot, was recently hit by a hack that led to the loss of approximately 108.2 ETH, roughly $237,000.

 

The attack, which occurred in the early hours of Monday, was caused by the exploitation of a smart contract vulnerability in the protocol’s token gateway contract on Ethereum.

 

 

By taking advantage of this vulnerability, the attacker forged a cross-chain message and proof that allowed them to bypass the Merkle proof verification of Hyperbridge’s Ethereum HandlerV1 contract. As this contract is central to security and proof verification on Hyperbridge’s Ethereum side, the attacker was able to gain unauthorized administrative control over the bridged DOT token contract on Ethereum.

 

With this administrative authority, the attacker minted approximately one billion fake bridged DOT tokens in a single transaction. The tokens were then immediately dumped into various liquidity pools through Uniswap V4 and other crypto aggregators such as Odos. However, due to poor liquidity and limited trading activity for the bridged DOT token on Ethereum, the attacker was only able to extract about 108 ETH, valued at roughly $237,000.

 

Polkadot acknowledged the incident in a statement on its official X account, noting that it was aware of the situation. The team stated that the breach only affected DOT tokens on Ethereum, and confirmed that its native DOT cryptocurrency, as well as DOT bridged through other platforms, remained unaffected.

 

To contain the issue, Hyperbridge temporarily paused the protocol. Seun Lanlege, founder of Polytope Labs, the team behind Hyperbridge, stated that the issue was under investigation shortly after the incident occurred.

 

 

Hyperbridge April Fool Joke

The Hyperbridge hack comes shortly after the team made an April Fool's joke on the 1st of April about being hacked, dismissing the idea as a joke and boasting that the protocol was unhackable, a move that sparked criticism about the team’s overconfidence.

 

 

Lanlege, the protocol’s founder, was also called out, with some in the crypto community accusing him of ignoring and rejecting security feedback and tests from white hat researchers who had identified flaws in the protocol’s security system.

 

The Hyperbridge exploit is one of almost 10 smart contract vulnerability exploits we have seen this year. In January, DeFi protocol Truebit and decentralized exchange aggregator Swapnet were hit by smart contract vulnerability exploits that led to the loss of approximately 26.4 million dollars and $13.4 million, respectively.

 

Solv Protocol and CrossCurve were also hit in the following months by smart contract vulnerability exploits. So far, over $400 million has been lost to crypto-related hacks and exploits this year.

 

 

The Solana Foundation, in collaboration with blockchain security firm Asymetric Research, has launched new security initiatives aimed at strengthening the security of the Solana network.

 

In a blog post on Monday, the foundation announced the launch of new security initiatives designed to provide an extra layer of protection for protocols built on the network. Among these initiatives are STRIDE, a security framework, and SIRN, a network of security firms focused on protecting the Solana ecosystem.

 

 

The STRIDE Framework 

STRIDE, which stands for Solana Trust, Resilience and Infrastructure for DeFi Enterprises, is a structured security framework and program launched by the Solana Foundation. It is aimed at evaluating, monitoring, and escalating security across all projects built on the Solana network.

 

The STRIDE framework is built on eight key pillars: program security, governance and access control, oracle and dependency risk, infrastructure security, supply chain security, operational security, monitoring and incident response, and log management and forensics.

 

These pillars will be used by the foundation’s partner, Asymmetric Research, to evaluate the security strength of all protocols on the Solana blockchain. Protocols with a total value locked of more than $10 million that pass the STRIDE evaluation will receive continuous operational security and active threat monitoring, funded by Solana Foundation grants. The higher the evaluation result, the greater the level of protection and funding they will receive.

 

Protocols with a total value locked of more than $100 million that pass the STRIDE evaluation will also receive, in addition to grants, formal fund verification. The foundation describes this as a mathematical, proof based method that exhaustively guarantees the correctness of smart contracts.

 

The findings of the STRIDE framework will be published publicly. According to the foundation, this is intended to give users and investors insight into the protocols they use and rely on.

 

SIRN: A Network of Security Firms

Among the initiatives launched by the Solana Foundation is SIRN, short for Solana Incident Response Network, a network of security firms that will respond and act in the event of a security incident.

 

Although SIRN will be available to all blockchain protocols on the Solana network, priority will be given to protocols with higher total value locked, similar to the additional benefits that protocols with higher total value locked will receive under the STRIDE program.

 

Interested in knowing who makes up SIRN?

 

The Solana Incident Response Network comprises Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow, a combination of cybersecurity firms that includes Web3 and traditional security firms as well as a smart contract auditing firm.

 

Increase in DeFi attacks

The programming initiatives launched by the Solana Foundation are in response to the over $280 million attack on Drift Protocol, the largest decentralized perpetual exchange on the Solana blockchain. The attack is, so far, the most devastating DeFi attack this year and the second largest in the history of the Solana blockchain, following the 2022 Wormhole attack, which resulted in losses exceeding $325 million.

 

Step Finance, a DeFi aggregator built on Solana, was also affected by a DeFi hack earlier this year, which led to losses of about $40 million. According to DeFiLlama, over $168 million was stolen across 34 blockchain protocols in the first quarter of this year, prior to the Drift incident.

 

 

Balancer Labs, the core team behind the decentralized finance (DeFi) protocol Balancer, has announced plans to wind down after a $116 million exploit that occurred in November.

 

The decision, according to CEO Marcus Hardt, was driven by the impact of the hack. Despite continuing to generate revenue, Balancer Labs’ economic model was no longer sustainable in the aftermath of the hack.

 

“We were spending too much to attract liquidity relative to what that liquidity was actually generating in revenue,” Hardt said. “We were diluting BAL holders to sustain a system that, in my view, was no longer serving the protocol well. At some point, you have to be honest about that.”

 

With Balancer Labs winding down its operations, the protocol is expected to be managed by the Balancer Foundation and its decentralized autonomous organization (DAO), an approach supported by co-founders Hardt and Fernando Martinelli. 

 

DAO members have been asked to vote on a proposal to restructure the protocol and its tokenomics. If approved, BAL emissions will end, all fees will be routed to the treasury, and the protocol’s share of swap fees will be reduced. The team size will also be cut.

 

So, while Balancer Labs, the core development team, is winding down, the protocol will continue operating under new management with a leaner structure.

 

 

The Balancer Protocol Exploit

On November 3, 2025, Balancer Protocol suffered a smart contract exploit targeting its V2 composable stable pools, resulting in the theft of significant amounts of cryptocurrency.

 

Although Balancer had a permission system in place, a bug in the smart contract allowed the attacker to bypass these controls. The attacker exploited the vulnerability to gain unauthorized access to the protocol’s shared vault system, enabling them to drain assets from multiple liquidity pools across different blockchains simultaneously.

 

The hack had a severe impact on Balancer, causing its total value locked (TVL) to drop from about $775 million to $258 million within days of the exploit, according to a report. Its native token, BAL, also fell by about 30%.

 

The shutdown of the Balancer Labs team comes weeks after crypto aggregator Step Finance announced its own shutdown following a January 31 hack that reportedly led to losses of between $26 million and $40 million from the protocol’s treasury.

 

Bunni, a decentralized liquidity protocol built on Uniswap V4, also shut down around October last year after suffering a hack that resulted in losses of about $8.4 million.

 

 

Resolv Labs’ stablecoin, USR, has lost its U.S. dollar peg following an exploit of the token’s contract that allowed attackers to mint millions of tokens.

 

The exploit, which occurred on March 22, 2026, resulted in the creation of 50 million unbacked USR tokens, prompting the team to temporarily pause the protocol’s functions to prevent “further malicious actions.”

 

 

According to YieldsandMore, which first reported the story, the attack began with a 100,000 USDC deposit by the attackers, ultimately causing USR to lose its dollar peg and fall to $0.01.

 

After minting the USR tokens, the attackers converted them into wrapped USR (wstUSR) to access deeper liquidity on decentralized exchanges (DEXs). This allowed them to offload large amounts of wstUSR more gradually, reducing the risk of an immediate price crash of USR.

 

The next phase of the attack involved dumping and selling wstUSR tokens across multiple platforms, including KyberSwap and Velora. Using this method, the attackers swapped wstUSR for USDt and USDC, which were then aggressively converted into Ether (ETH).

 

Although the attack was first made public by the crypto research and analysis group YieldsandMore, the Resolv team was only able to pause the protocol three hours later.

 

“It took ResolvLabs three hours to pause its protocol. Roughly one hour of that delay came from the gap between submitting the multisig transaction and collecting the four required signatures to execute it,” YieldsandMore wrote on X.

 

While 50 million tokens were initially minted by the attackers, blockchain security company PeckShield reported that an additional 30 million USR tokens were later minted, bringing the total to approximately 80 million.

 

 

Price Action of USR in the Aftermath of the Exploit

The minting and dumping of USR tokens triggered a severe depeg, sending its price from $1 to roughly $0.02 to $0.05 within minutes, a decline of about 95 to 97%.

 

Although it briefly rebounded to between $0.14 and $0.20, USR is currently trading at $0.2773, according to data from CoinMarketCap at the time of publication. 

 

The USR depeg ranks among the most severe in recent history, second only to the collapse of Terra's TerraUSD (UST) in 2022, which fell from $1 to $0.02 and lost 98% of its value. Iron Finance also had its IRON stablecoin lose its dollar peg, dropping from $1 to about $0.05.