On April 13, an unknown hacker exploited a vulnerability in the smart contract of the cross-chain bridge Hyperbridge, gained administrative rights, and minted 1 billion DOT tokens. This was reported by experts at CertiK.
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
After generating the tokens, the hacker sold the entire amount in a single transaction for 108.2 ETH (approximately $237,000).
The attack did not affect the main Polkadot network—only the ERC-20 version of its native coin, which operates on Ethereum.
At the time of writing, the project team had not commented on the incident.
Following news of the exploit, the DOT price fell by 4% to $1.19.
Fake Ledger App
G. Love frontman Garrett Dutton lost 5.9 BTC (around $420,000) due to a fake Ledger app in the App Store.
I had a really tough day today I lost my retirement fund in a hack/Scam when I switched my @Ledger over to my new computer and by accident downloaded a malicious ledger app from the @Apple store. All my BTC gone in an instant.
— G. Love (@glove) April 11, 2026
“I had a really tough day. I lost all my retirement savings due to a hack,” he wrote.
The musician explained that he downloaded the wallet to a new computer and entered the seed phrase. However, the software turned out to be fraudulent, not official.
On-chain detective ZachXBT tracked the stolen assets. The perpetrator had already transferred the funds to deposit addresses on the KuCoin exchange, making nine transactions.
Hi I traced out your 5.92 BTC stolen and it was all laundered via @kucoincom deposit addresses in the following transactions:
6f5c8eb6b01774626f33527e0cb03c0d1860447acacd6079e69bf41b459bcf1f
9ee1288f941b2c3775ebd125eefeebdc713aa160bf2cf9d18661fd07f84ce891…— ZachXBT (@zachxbt) April 12, 2026
Neither Ledger nor Apple teams have responded to the incident.
Back in April last year, scammers targeted hardware crypto wallet users with paper letters.