Hyperbridge has confirmed that its Token Gateway was compromised, and bridging services have been suspended.

Odaily Odaily reports that Hyperbridge released a security update on its X platform stating that its Token Gateway was exploited on April 13th, causing approximately $237,000 in losses on Ethereum. Bridging operations have been immediately suspended. This incident only affected DOT assets cross-chain to Ethereum; native Polkadot mainnet and parachain assets were unaffected. The official statement indicates that the vulnerability stemmed from a flaw in the Merkle Mountain Range (MMR) proof verification logic implemented in Solidity, leading to the incorrect acceptance of invalid proofs. Attackers used this to gain control of cross-chain DOT contracts, minting 1 billion fake tokens (far exceeding the actual circulating supply of approximately 356,000), and then selling them on decentralized exchanges for profit. However, this vulnerability did not violate Hyperbridge's trust minimization based on cryptographic proofs.