Loading prices…
🩸BEARISH

Verus-Ethereum bridge loses $11M in cross-chain hack

The attack drained 103.6 tBTC, 1,625 ETH, and 147K USDC — small next to April's $293M Kelp DAO hit, but it confirms Phemex's pattern read: bridge and cross-chain messaging rails, not smart contracts,…

The Verus-Ethereum bridge was hacked on Monday, with the attacker draining 103.6 tBTC (Threshold Network’s tokenized bitcoin), 1,625 ETH, and 147,000 USDC before swapping the proceeds into 5,402.4 ETH — worth just over $11 million — now sitting in wallet 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9, according to PeckShield.

Why it matters

The Verus-Ethereum bridge is a cross-chain rail for moving value between the Verus network and Ethereum, including ETH and ERC-20 assets. The exploit lands in a year Phemex argues is being defined less by smart-contract bugs than by attacks on the infrastructure that connects chains or handles cross-protocol messaging. The exchange notes that the two largest losses of 2026 so far — the Drift and Kelp DAO incidents — both stemmed from cross-chain plumbing rather than contract code, and that four of the smaller exploits also targeted bridge-related components.

Market impact

The dollar figure is modest next to April’s $293 million Kelp DAO breach — which used LayerZero’s cross-chain messaging system and spilled collateral damage across the DeFi ecosystem — but the pattern is what traders and risk teams are tracking. Phemex framed it bluntly: bridge exploits consistently produce the largest individual losses in any given year, and the cadence of incidents is not coincidental. For Ethereum-linked DeFi, the read is that custody, oracle, and bridge layers remain the soft underbelly of multi-chain capital flows, even as core contract audits harden.

Related tokens
$ETH $BTC $USDC

Frequently asked questions

  1. What happened in the Verus-Ethereum bridge hack?

    On Monday, the Verus-Ethereum bridge was exploited for roughly $11 million. The attacker drained 103.6 tBTC, 1,625 ETH, and 147,000 USDC, then swapped the proceeds into 5,402.4 ETH now sitting in wallet 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9, according to PeckShield.

  2. How does the Verus-Ethereum bridge work?

    It is a cross-chain bridge that lets users move value between the Verus network and Ethereum, supporting ETH and ERC-20 assets — making it a piece of infrastructure that connects two distinct chains rather than a single-chain smart contract.

  3. How does this compare to the $293M Kelp DAO hack in April?

    The April Kelp DAO exploit was about 27x larger at $293 million and targeted bridge infrastructure connecting multiple blockchains via LayerZero’s cross-chain messaging system, spilling collateral damage across the DeFi ecosystem. The Verus-Ethereum loss is far smaller in dollar terms but fits the same pattern.

  4. Why are crypto bridges and cross-chain messaging being targeted?

    Phemex argues the largest 2026 losses — the Drift and Kelp DAO incidents — came from infrastructure that connects chains or handles cross-protocol messaging, not from smart contract bugs themselves. Bridge and messaging exploits consistently produce the year’s largest individual losses.

  5. What assets were stolen in the Verus-Ethereum exploit?

    The attacker took 103.6 tBTC (Threshold Network’s tokenized bitcoin), 1,625 ETH, and 147,000 USDC, then converted the total into 5,402.4 ETH worth just over $11 million, per PeckShield.

Source attribution
Aggregated from CoinDesk · Verified · Last refreshed 49d ago
Open original →