{"id":96120,"date":"2026-04-13T10:02:13","date_gmt":"2026-04-13T07:02:13","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=96120"},"modified":"2026-04-13T10:42:11","modified_gmt":"2026-04-13T07:42:11","slug":"hacker-breaches-hyperbridge-mints-1-billion-polkadot-tokens","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hacker-breaches-hyperbridge-mints-1-billion-polkadot-tokens\/","title":{"rendered":"Hacker Breaches Hyperbridge, Mints 1 Billion Polkadot Tokens"},"content":{"rendered":"<p>On April 13, an unknown hacker exploited a vulnerability in the smart contract of the <a href=\"https:\/\/forklog.com\/en\/news\/what-are-cross-chain-bridges\">cross-chain bridge<\/a> Hyperbridge, gained administrative rights, and minted 1 billion <a href=\"https:\/\/forklog.com\/en\/news\/what-is-polkadot-dot\">DOT<\/a> tokens. This was reported by experts at CertiK.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/CertiKInsight?src=hash&#038;ref_src=twsrc%5Etfw\">#CertiKInsight<\/a> \ud83d\udea8<\/p>\n<p>We have seen an exploit on the <a href=\"https:\/\/twitter.com\/hyperbridge?ref_src=twsrc%5Etfw\">@hyperbridge<\/a> gateway contract. <a href=\"https:\/\/t.co\/h27iDm1JGd\">https:\/\/t.co\/h27iDm1JGd<\/a><\/p>\n<p>The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.<\/p>\n<p>Stay\u2026 <a href=\"https:\/\/t.co\/3t2n4uq5hy\">pic.twitter.com\/3t2n4uq5hy<\/a><\/p>\n<p>\u2014 CertiK Alert (@CertiKAlert) <a href=\"https:\/\/twitter.com\/CertiKAlert\/status\/2043557571609731268?ref_src=twsrc%5Etfw\">April 13, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>After generating the tokens, the hacker sold the entire amount in a single transaction for 108.2 ETH (approximately $237,000).<\/p>\n<p>The attack did not affect the main Polkadot network\u2014only the <a href=\"https:\/\/forklog.com\/en\/news\/what-are-erc-20-tokens\">ERC-20<\/a> version of its native coin, which operates on Ethereum.<\/p>\n<p>At the time of writing, the project team had not commented on the incident.<\/p>\n<p>Following news of the exploit, the DOT price fell by 4% to $1.19.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/img-26647461689a6719-1664946050598058.webp\" alt=\"polkadot dot price polkadot\" class=\"wp-image-278357\"\/><figcaption class=\"wp-element-caption\">Hourly chart of DOT\/USDT on Binance. Source: <a href=\"https:\/\/ru.tradingview.com\/chart\/?symbol=BINANCE%3ADOTUSDT\">TradingView<\/a>.\u00a0<\/figcaption><\/figure>\n<h2 class=\"wp-block-heading\">Fake Ledger App<\/h2>\n<p>G. Love frontman Garrett Dutton lost 5.9 BTC (around $420,000) due to a fake Ledger app in the App Store.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">I had a really tough day today I lost my retirement fund in a hack\/Scam when I switched my <a href=\"https:\/\/twitter.com\/Ledger?ref_src=twsrc%5Etfw\">@Ledger<\/a> over to my new computer and by accident downloaded a malicious ledger app from the <a href=\"https:\/\/twitter.com\/Apple?ref_src=twsrc%5Etfw\">@Apple<\/a> store. All my BTC gone in an instant.<\/p>\n<p>\u2014 G. Love (@glove) <a href=\"https:\/\/twitter.com\/glove\/status\/2043047396322451700?ref_src=twsrc%5Etfw\">April 11, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;I had a really tough day. I lost all my retirement savings due to a hack,&#8221; he wrote.<\/em><\/p>\n<\/blockquote>\n<p>The musician explained that he downloaded the wallet to a new computer and entered the seed phrase. However, the software turned out to be fraudulent, not official.<\/p>\n<p>On-chain detective ZachXBT tracked the stolen assets. The perpetrator had already transferred the funds to deposit addresses on the KuCoin exchange, making nine transactions.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">Hi I traced out your 5.92 BTC stolen and it was all laundered via <a href=\"https:\/\/twitter.com\/kucoincom?ref_src=twsrc%5Etfw\">@kucoincom<\/a> deposit addresses in the following transactions: <\/p>\n<p>6f5c8eb6b01774626f33527e0cb03c0d1860447acacd6079e69bf41b459bcf1f<br \/>9ee1288f941b2c3775ebd125eefeebdc713aa160bf2cf9d18661fd07f84ce891\u2026<\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/2043236481754611837?ref_src=twsrc%5Etfw\">April 12, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Neither Ledger nor Apple teams have responded to the incident.<\/p>\n<p>Back in April last year, scammers <a href=\"https:\/\/forklog.com\/en\/news\/fraudsters-target-ledger-users-with-fake-letters\">targeted<\/a> hardware crypto wallet users with paper letters.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On April 13, an unknown hacker exploited a vulnerability in Hyperbridge&#8217;s smart contract, gained admin rights, and minted 1 billion DOT tokens.<\/p>\n","protected":false},"author":1,"featured_media":96121,"comment_status":"open","ping_status":"open","sticky":true,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Hacker exploited Hyperbridge, minted 1 billion DOT tokens.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1640,1461,1246],"class_list":["post-96120","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-ledger","tag-polkadot-dot","tag-scammers"],"aioseo_notices":[],"amp_enabled":true,"views":"75","promo_type":"1","layout_type":"1","short_excerpt":"Hacker exploited Hyperbridge, minted 1 billion DOT tokens.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/96120","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=96120"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/96120\/revisions"}],"predecessor-version":[{"id":96122,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/96120\/revisions\/96122"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/96121"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=96120"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=96120"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=96120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}