Millions Vanish After Suspected Bridge Key Theft


In Brief

  • Gravity Bridge lost about $5.4 million in a suspected key compromise.
  • Most of the stolen funds remain under the attacker’s control.
  • The incident highlights ongoing security risks facing crypto bridges.

A suspected signing key compromise has left cross-chain protocol Gravity Bridge reeling after attackers drained about $5.4 million in crypto assets. Though part of the stolen funds has already been moved through exchanges, blockchain investigators say most of the loot remains under the attacker’s control. The incident adds to a growing list of bridge-related exploits that continue to expose one of crypto’s most persistent security weaknesses.

Gravity Bridge Loses $5.4 Million in Suspected Key Compromise

Blockchain security researchers first flagged suspicious activity on May 30, after millions of dollars’ worth of assets began leaving Gravity Bridge-controlled wallets.

Security researchers’ analysis. Source: PeckShieldAlert/X

According to security firms and on-chain investigators, the attacker drained approximately $4.3 million in USDC, 274 ETH worth about $553,000, around $434,000 in USDT, and close to $64,000 in PAYG tokens. The funds were transferred to addresses controlled by the exploiter before portions were swapped and moved through other services.

Details of the exploit. Source: Specter/X

Investigators believe the attack may have stemmed from a compromised bridge signing key rather than a flaw in the underlying smart contracts. If confirmed, the exploit would fit a pattern seen repeatedly across the bridge sector, where attackers target access controls and validator infrastructure instead of protocol code.

One of the largest transfers involved more than 4.3 million USDC moving from Gravity Bridge-controlled infrastructure to an attacker-linked wallet. Additional transactions show the attackers converting the stolen assets into ETH shortly after the theft.

The Gravity Bridge team acknowledged the incident and urged validators and orchestrators to halt operations as the investigation continues. According to the project, it paused the bridge shortly after detecting the suspicious activity.

The project’s update on the hack. Source: Gravity Bridge/X

Most Stolen Funds Remain in Attacker Wallets

Though the attackers have already laundered some assets through external services, blockchain tracking platforms show the attacker still controls more than 2,100 ETH worth around $4.1 million.

The attacker still controls over $4.1 M in ETH. Source: Arkham/Specter/X

There was at least one positive development. Investigator Specter said cooperation with ChangeNOW resulted in approximately $91,000 of stolen funds being frozen before they could be fully moved. However, that represents only a small fraction of the overall haul.

Freezing around $91,000 in stolen funds. Source: Arkham/Specter/X

The attack also highlights an uncomfortable reality for the industry. Many of crypto’s largest bridge exploits have not resulted from sophisticated code vulnerabilities but from compromised credentials or operational security failures.

Bridge protocols remain attractive targets because they often hold large pools of assets and rely on a relatively small number of trusted entities to authorize transfers between chains. When those controls fail, attackers can move funds that the protocol itself treats as legitimate.

With investigations ongoing, the Gravity Bridge exploit serves as another reminder that access management may remain one of the biggest security challenges in decentralized finance (DeFi), even as smart contract auditing standards continue to improve.
