{"id":71062,"date":"2026-04-13T08:36:16","date_gmt":"2026-04-13T08:36:16","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/polkadot-price-dips-6-following-1-billion-token-minting-breach-on-ethereum-services-bitcoin-news\/"},"modified":"2026-04-13T08:36:16","modified_gmt":"2026-04-13T08:36:16","slug":"polkadot-price-dips-6-following-1-billion-token-minting-breach-on-ethereum-services-bitcoin-news","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/polkadot-price-dips-6-following-1-billion-token-minting-breach-on-ethereum-services-bitcoin-news\/","title":{"rendered":"Polkadot Price Dips 6% Following 1 Billion Token Minting Breach on Ethereum \u2013 Services Bitcoin News"},"content":{"rendered":"<p><b>(Originally posted on : Bitcoin News )<\/b><br \/>\n<\/p>\n<div>\n<p><strong>Key Takeaways:<\/strong><\/p>\n<ul>\n<li>A hacker used a replay flaw to mint 1 billion fake Polkadot tokens via the Hyperbridge gateway.<\/li>\n<li>The price of DOT dropped 6% to $1.16 before recovering, while the hacker netted $237,000 in ether.<\/li>\n<li>Hyperbridge developers are now expected to deploy patches to secure administrative <span>smart contract<\/span> functions.<\/li>\n<\/ul>\n<h2> <span>Liquidity<\/span> Bottleneck Limits Losses<\/h2>\n<p>On April 13, <span>blockchain<\/span> security firm Certik <a href=\"https:\/\/x.com\/CertiKAlert\/status\/2043557571609731268\" target=\"_blank\" rel=\"noopener noreferrer\">alerted<\/a> the <a href=\"http:\/\/www.bitcoin.com\/get-started\/a-quick-introduction-to-crypto\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">cryptocurrency<\/a> community to an exploit involving the Hyperbridge gateway, where a malicious actor minted 1 billion unauthorized Polkadot tokens on the Ethereum network. Following the incident, the price of DOT briefly plunged from $1.23 to $1.16, a decline of nearly 6%. However, at the time of writing, the token had erased some of those losses, recovering to $1.19.<\/p>\n<p> <iframe src=\"https:\/\/markets.bitcoin.com\/crypto\/polkadot\/embed\" width=\"100%\" style=\"max-height:500px;height:500px;border:none;overflow:hidden;border-radius:4px\" scrolling=\"no\" title=\"polkadot market data\"><\/iframe> <\/p>\n<p>According to onchain data and security reports, the attacker exploited a <a href=\"https:\/\/news.bitcoin.com\/suspected-3-7m-exploit-hits-venus-protocol-after-attacker-uses-illiquid-token-as-collateral\/\">vulnerability<\/a> within the Hyperbridge gateway <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-smart-contract\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">smart contract<\/a>. By using a fabricated message to gain administrative privileges over the bridged DOT contract on Ethereum, the perpetrator triggered a single transaction that generated the 1 billion tokens.<\/p>\n<p>Despite the large number of tokens created, the attacker was unable to cash out at the market value because the bridged version of DOT on Ethereum had shallow <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-liquidity\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">liquidity<\/a>.<\/p>\n<p>Analysis from Lookonchain <a href=\"https:\/\/x.com\/lookonchain\/status\/2043558598111048126\" target=\"_blank\" rel=\"noopener noreferrer\">confirms<\/a> the hacker liquidated the entire 1 billion-token haul in a single swap. The trade yielded approximately 108.2 ether, valued at roughly $237,000 at the time of the transaction. Had the bridged asset been more widely traded, the financial impact could have been substantially higher.<\/p>\n<p>Security experts were quick to clarify that the breach was localized to the Hyperbridge gateway on Ethereum. Polkadot\u2019s core relay chain and the authentic DOT tokens residing on the Polkadot network remain secure and were not impacted by the incident.<\/p>\n<p>In its initial post mortem, Certik said the <a href=\"https:\/\/news.bitcoin.com\/ai-smart-contract-exploits-expert-warns-agents-could-trigger-10-20b-annual-losses-in-defi-sector\/\">exploit<\/a> stemmed from a replay vulnerability in Merkle Mountain Range\u2019s calculateroot function. This flaw meant that proofs were not properly bound to requests, allowing attackers to reuse old state commitments. Downstream, the tokengateway.handlechangeadmin function failed to enforce strict checks, letting attackers arbitrarily input request data.<\/p>\n<p>As a result, malicious code propagated unchecked through the system, ultimately enabling the attacker to change the admin of the Polkadot token. As Certik noted:<\/p>\n<p>\u201cThe attacker submitted \u2018proof\u2019 value is copied from the \u2018_stateCommitments\u2019 in a previous txn\u2026 thus making the replay possible.\u201d<\/p>\n<p>Hyperbridge has yet to release a full post-mortem on the specific flaw in the gateway <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-smart-contract\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">smart contract<\/a>, but developers are expected to implement patches to prevent similar exploits in the future.<\/p>\n<\/div>\n<p><a href=\"https:\/\/news.bitcoin.com\/polkadot-price-dips-6-following-1-billion-token-minting-breach-on-ethereum\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Bitcoin News ) Key Takeaways: A hacker used a replay flaw to mint 1 billion fake Polkadot tokens via the Hyperbridge gateway. The price of DOT dropped 6% to $1.16 before recovering, while the hacker netted $237,000 in ether. Hyperbridge developers are now expected to deploy patches to secure administrative smart [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":71063,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/71062"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=71062"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/71062\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/71063"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=71062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=71062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=71062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}