Cross-Chain Protocol Gravity Bridge Suffers $5.4 Million Attack — Details
Gravity Bridge, a Cosmos-native cross-chain protocol, was the goal of a compromised-key assault, which led to the theft of roughly $5.4 million over the weekend. This newest security breach joins the rising checklist of exploits suffered within the decentralized finance (DeFi) area up to now in 2026.
Gravity Bridge Hack Traced To Signing Key Compromise: Investigator
On Saturday, May thirty first, blockchain sleuth Specter highlighted that Gravity Bridge may need been exploited by way of what he described as a signing key compromise. For context, a signing key compromise refers back to the unauthorized disclosure or theft of a cryptographic key, permitting an attacker to then use it to decrypt delicate info, forge digital signatures, or achieve unauthorized entry to techniques and, as on this case, funds.
The analyst disclosed that the loot included crypto property value about $5..4 million, together with $4.3 million in USDC, 274 wrapped Ether valued at roughly $553,000, $434,000 in USDT, and 14.16 PAXG tokens priced at about $64,000. According to safety agency PeckShield, the dangerous actor has laundered a portion of the stolen funds by way of the ChangeNOW and Binance exchanges, however nonetheless holds over 2,100 Ether (value roughly $4.23 million).
The crew behind Gravity Bridge confirmed the assault on Saturday, saying that validators and orchestrators ought to halt their operations whereas they examine the exploit. “Thanks to the swift motion of validators, the bridge is at present halted whereas investigations proceed,” the protocol introduced in a subsequent put up on social media put up.
Gravity Bridge is a cross-chain protocol that works by locking tokens on the Ethereum community and creating direct replicas of the crypto property on the Cosmos community, counting on validator signatures to authorize every switch. Hence, the protocol would deal with even solid transactions as reputable if a foul actor will get the suitable signing keys.
If confirmed as a key compromise, this Gravity Bridge incident would align with the continued sample of crypto bridge assaults, wherein breaches are usually embedded in entry controls fairly than within the underlying sensible contract code. This sample may be noticed within the majority of the latest exploits, with Kelp DAO’s $292 million attack a notable incident.
Crypto Hacks Continue To Pile In 2026
As talked about earlier, Gravity Bridge’s $5.4 million hack joins the rising checklist of hacks which have rocked the crypto trade, particularly the DeFi sector, in 2026. Specifically, bridges seem to have been a delicate goal for attackers on this interval.
Specifically, a TRM Labs report identified April 2026 as essentially the most hacked month, with the very best variety of incidents in crypto historical past. These assaults included the aforementioned $292 million Kelp DAO hack and Drift Protocol’s $285 million loss.