Polkadot was under attack, as DOT tokens were minted through an unauthorized bridge transaction. The exploit comes at a time of increased vigilance for hacks against decentralized protocols. Polkadot, a long-running decentralized protocol, suffered an unauthorized DOT mint attack. On-chain research shows the exploit is based on a flawed Hyperbridge smart contract, which allowed the unauthorized minting of DOT tokens on the Ethereum network. The HandlerV1 contract was exploited for $242K, which affected the market price of the DOT token. Hyperbridge is the officially accepted multi-chain hub for Polkadot, so while the main protocol remains safe, the bridge itself may pose more risks. The Polkadot DAO approved Hyperbridge as the main hub for DOT/vDOT swaps across multiple chains. Just before the attack, Hyperbridge was almost idle, with virtually no DOT swaps. The attacker minted 1B new DOT on Ethereum and sold them in a single transaction . The bridge itself did not hold significant liquidity, but was capable of minting DOT without limit, based on the supplied deposit data. Polkadot’s Hyperbridge hit by proof replay attack The contract flaw allowed an attacker to perform a proof replay attack. The bridge allowed the attacker to reuse a previously accepted proof and pair it with a new request, allowing multiple privileged actions such as changing admin permissions. The entire hack was performed on the Ethereum network, not interacting with other Polkadot chains. According to researchers, the attacker gained admin rights to the bridge contract, allowing the authorization of DOT minting. Certik also confirmed the attacker’s forged message was used to gain admin rights. On-chain security research discovered several transactions originating with Hyperbridge. This is the third bridge attack against Polkadot, following the XCM bridge exploit in 2025 for $35M, and the Nomad bridge hack in 2022 for $200M. While the latest attack was the smallest in scale, it still revealed potential flaws with the protocol, adding to the general risk of bridges. The exploit follows the April 1 hack against Drift Protocol, showing an increased effort to grab crypto tokens or use unauthorized minting exploits. DOT crashed below $1.20 Following the exploit, DOT crashed to $1.19. The flash sale of 1B DOT only led to a 2.9% loss, as the rapid sale arrived with price slippage. The exploiter only managed to exchange the DOT for $237M. As Cryptopolitan reported , Polkadot decided to cap the DOT supply at 2.1B tokens, but the current hack did not crash the token as much as expected, despite minting more than half the tokens in circulation. All the DOT from the exploit was sold in a single transfer and swapped into ETH. To sell the tokens, the attacker used a Railgun wallet , already moving the ETH in a series of transactions. Railgun has been rarely used for exploits. In the first hours after the attack, the mixer could not blacklist the addresses fast enough, allowing the attacker to still use the service and disguise the origins of ETH. The Hyperbridge contracts have been paused, with no reports of additional assets affected. The recent series of hacks happens despite the ongoing bear market, attempting to still extract any available liquidity from crypto tokens. If you're reading this, you’re already ahead. Stay there with our newsletter .
