Gravity Bridge, a Cosmos-native cross-chain protocol, was the goal of a compromised-key assault, which led to the theft of roughly $5.4 million over the weekend. This newest security breach joins the rising listing of exploits suffered within the decentralized finance (DeFi) house up to now in 2026.
Gravity Bridge Hack Traced To Signing Key Compromise: Investigator
On Saturday, Might thirty first, blockchain sleuth Specter highlighted that Gravity Bridge might need been exploited by means of what he described as a signing key compromise. For context, a signing key compromise refers back to the unauthorized disclosure or theft of a cryptographic key, permitting an attacker to then use it to decrypt delicate info, forge digital signatures, or achieve unauthorized entry to programs and, as on this case, funds.
Associated Studying
The analyst disclosed that the loot included crypto property price about $5..4 million, together with $4.3 million in USDC, 274 wrapped Ether valued at roughly $553,000, $434,000 in USDT, and 14.16 PAXG tokens priced at about $64,000. In keeping with safety agency PeckShield, the unhealthy actor has laundered a portion of the stolen funds by means of the ChangeNOW and Binance exchanges, however nonetheless holds over 2,100 Ether (price roughly $4.23 million).
The workforce behind Gravity Bridge confirmed the assault on Saturday, saying that validators and orchestrators ought to halt their operations whereas they examine the exploit. “Because of the swift motion of validators, the bridge is at present halted whereas investigations proceed,” the protocol introduced in a subsequent submit on social media submit.
Gravity Bridge is a cross-chain protocol that works by locking tokens on the Ethereum community and creating direct replicas of the crypto property on the Cosmos community, counting on validator signatures to authorize every switch. Therefore, the protocol would deal with even cast transactions as official if a foul actor will get the suitable signing keys.
If confirmed as a key compromise, this Gravity Bridge incident would align with the continuing sample of crypto bridge assaults, wherein breaches are sometimes embedded in entry controls moderately than within the underlying sensible contract code. This sample could be noticed within the majority of the current exploits, with Kelp DAO’s $292 million attack a notable incident.
Crypto Hacks Proceed To Pile In 2026
As talked about earlier, Gravity Bridge’s $5.4 million hack joins the rising listing of hacks which have rocked the crypto trade, particularly the DeFi sector, in 2026. Particularly, bridges seem to have been a delicate goal for attackers on this interval.
Particularly, a TRM Labs report identified April 2026 as essentially the most hacked month, with the best variety of incidents in crypto historical past. These assaults included the aforementioned $292 million Kelp DAO hack and Drift Protocol’s $285 million loss.
Associated Studying
Featured picture from Shutterstock, chart from TradingView
