Gravity Bridge protocol hit by $5.4M attack

Created at 31 May · 15:19 UTC2 sources↑ Market-relevant2 events

IN SHORT

Gravity Bridge, a cross-chain protocol connecting Ethereum and Cosmos, suffered a security breach resulting in the theft of approximately $5.4 million in assets including USDC, wrapped Ether, USDT, and PAXG. The protocol has been halted for investigation into a suspected signing key compromise.

Key Numbers

$5.4 milliontotal stolen funds

$4.3 millionUSDC stolen

274wrapped Ether stolen

$553,000value of wrapped Ether stolen

$434,000USDT stolen

14.16PAXG tokens stolen

$64,000value of PAXG tokens stolen

2,100+Ether still held by attacker

$4.23 millionvalue of Ether held by attacker

Who's Involved

Gravity Bridge

Cosmos-native cross-chain protocol targeted in the attack

PeckShield

Security firm that tracked laundered funds

Specter

Blockchain sleuth who highlighted the signing key compromise

↳ Why This Matters

Cross-chain bridges are critical infrastructure in the decentralized finance (DeFi) ecosystem, enabling the transfer of assets between different blockchain networks. However, their complex architecture and reliance on multi-signature schemes or validator networks make them frequent targets for hackers. The Gravity Bridge exploit highlights the persistent security risks within DeFi, where vulnerabilities in access controls, rather than smart contract code, often lead to significant fund losses.

Gravity Bridge protocol hit by $5.4M attack

Gravity Bridge protocol hit by $5.4M attack

Key facts

Get the newsletter.

Gravity Bridge protocol hit by $5.4M attack

PiQ Daily

Gravity Bridge protocol hit by $5.4M attack

PiQ Daily

Key facts

Get the newsletter.