Verus Protocol’s Ethereum bridge was reportedly exploited on Monday by means of a pretend cross-chain switch message that allowed a hacker to fraudulently switch out not less than $11.58 million in cryptocurrency.
Onchain safety platform Blockaid mentioned in an X put up on Monday that its detection system recognized an ongoing exploit on the Verus-Ethereum bridge and shared a transaction on Etherscan displaying a switch of 1,625 Ether (ETH), 147,659 USDC (USDC) and 103.57 tBTC v2, price over $11.5 million.
Blockchain safety firm PeckShield additionally known as the switch an exploit, with onchain information displaying the funds have since been transformed into Ether. The pockets exhibits a steadiness of 5,402 Ether, price over $11.4 million, in line with Etherscan.
Cointelegraph reached out to Verus for remark. The protocol had not publicly confirmed the exploit on the time of publication.
Supply: Blockaid
Crypto hackers stole greater than $168.6 million in crypto from 34 decentralized finance protocols within the first quarter of 2026. April noticed the 2 largest hacks of the 12 months up to now: the $280 million Drift Protocol exploit at the beginning of the month and the $292 million Kelp exploit.
Fraudulent switch directions probably triggered exploit
Blockaid mentioned the Verus Protocol incident resembles the $190 million Nomad Bridge exploit and the $325 million Wormhole exploit from 2022.
The attacker exploited the Verus Ethereum bridge by deceiving the protocol into believing switch directions have been actual, inflicting the bridge to ship funds from its reserves to the attacker’s pockets, Blockaid mentioned.
“NOT an ECDSA bypass. NOT a notary key compromise. NOT a parser/hash-binding bug. IS a lacking source-amount validation in checkCCEValues – ~10 strains of Solidity to repair,” it added.
Blockchain safety supplier ExVul reached an analogous conclusion and mentioned the attacker used a “cast cross-chain import payload” that handed the “bridge’s verification stream” and resulted in “three attacker-attached transfers to the drainer pockets.”
Associated: Aethir halts bridge exploit, guarantees compensation after $90K loss
“Cross-chain import proofs should bind each downstream switch impact to authenticated payload information earlier than execution,” the blockchain safety supplier mentioned, including that “Bridges ought to add strict payload-to-execution validation, protection in depth round proof verification and pause outbound flows when anomalous imports are detected.”
The incident follows THORChain confirming on Saturday that it suffered a $10 million exploit.
Journal: The authorized battle over who can declare DeFi’s stolen tens of millions