{"id":3179,"date":"2026-05-18T21:33:04","date_gmt":"2026-05-18T21:33:04","guid":{"rendered":"https:\/\/blog.coinsignals.net\/?p=3179"},"modified":"2026-05-18T21:33:04","modified_gmt":"2026-05-18T21:33:04","slug":"hackers-drain-more-than-11-million-from-verus-ethereum-bridge","status":"publish","type":"post","link":"https:\/\/blog.coinsignals.net\/index.php\/2026\/05\/18\/hackers-drain-more-than-11-million-from-verus-ethereum-bridge\/","title":{"rendered":"Hackers Drain More Than $11 Million From Verus Ethereum Bridge"},"content":{"rendered":"\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"660\" data-id=\"3180\" src=\"https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768-1024x660.png\" alt=\"\" class=\"wp-image-3180\" srcset=\"https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768-1024x660.png 1024w, https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768-300x193.png 300w, https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768-768x495.png 768w, https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768-1536x990.png 1536w, https:\/\/blog.coinsignals.net\/wp-content\/uploads\/2026\/05\/IMG_2768.png 1728w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>Despite the size of the exploit, Verus\u2019 native token showed little immediate reaction following the attack.<\/p>\n\n\n\n<p>Hackers reportedly stole approximately $11.58 million from the Verus Ethereum bridge after exploiting one of its cross chain bridge contracts.<\/p>\n\n\n\n<p>Blockchain security firms revealed that the attacker emptied reserves containing ETH, tBTC, and USDC.<\/p>\n\n\n\n<p><strong>How the Exploit Happened<\/strong><\/p>\n\n\n\n<p>Security companies <a href=\"https:\/\/www.certik.com?utm_source=chatgpt.com\">CertiK<\/a> and <a href=\"https:\/\/peckshield.com?utm_source=chatgpt.com\">PeckShield<\/a> identified suspicious activity linked to the bridge contract shortly after the exploit occurred.<\/p>\n\n\n\n<p>According to their findings shared on X, the stolen assets included 1,625 ETH, 103.56 tBTC, and 147,000 USDC. The attacker quickly converted the funds into roughly 5,402 ETH before moving them into another wallet.<\/p>\n\n\n\n<p>Blockchain security firm <a href=\"https:\/\/blockaid.io?utm_source=chatgpt.com\">Blockaid<\/a> later published a technical analysis explaining how the attack unfolded.<\/p>\n\n\n\n<p>The report stated that the bridge successfully verified three critical elements, including a notarized Verus state root signed by eight out of fifteen notaries, a Merkle proof for the cross chain export, and a hash binding used to confirm transfer integrity.<\/p>\n\n\n\n<p>However, the protocol failed to verify whether the amounts declared in the source chain export actually matched the payout being processed.<\/p>\n\n\n\n<p>According to Blockaid, the attacker created a transaction on the Verus side worth only around 0.02 VRSC, valued at roughly $0.01, while embedding a keccak hash tied to a payout data structure that listed empty source side totals.<\/p>\n\n\n\n<p>The Verus protocol accepted the transaction as valid, and the notaries approved the resulting state root because no obvious irregularities appeared during verification.<\/p>\n\n\n\n<p>On the Ethereum side, the attacker reportedly called the \u201csubmitimports\u201d function using a serialized transfer blob whose hash matched the committed value. Since the hash verification succeeded, the bridge decoded the data and released 1,625 ETH, 103 tBTC, and 147,000 USDC from its reserves directly to the attacker.<\/p>\n\n\n\n<p>In essence, the exploit reportedly cost the attacker around $10 in VRSC transaction fees while generating a return of $11.58 million.<\/p>\n\n\n\n<p>Blockaid emphasized that the incident did not involve an ECDSA bypass, compromised notary keys, or flaws related to parsing or hash binding.<\/p>\n\n\n\n<p>Instead, the vulnerability stemmed from missing source amount validation within a function known as \u201ccheckCCEValues,\u201d which the firm said could likely be fixed with roughly ten lines of Solidity code.<\/p>\n\n\n\n<p><strong>Bridge Exploits Continue to Rise<\/strong><\/p>\n\n\n\n<p>Last month, the broader crypto industry lost more than $650 million to hackers, according to CertiK.<\/p>\n\n\n\n<p>A large portion of those losses came from two separate incidents involving <a href=\"https:\/\/kelpdao.xyz?utm_source=chatgpt.com\">KelpDAO<\/a>, which reportedly lost more than $292 million, and <a href=\"https:\/\/www.drift.trade?utm_source=chatgpt.com\">Drift Protocol<\/a>, which suffered losses exceeding $285 million.<\/p>\n\n\n\n<p>Cross chain bridges have increasingly become targets for attackers, with the Verus incident marking the eighth bridge related exploit this year. PeckShield estimated that attackers have stolen at least $328 million from bridge platforms so far in 2026.<\/p>\n\n\n\n<p>Meanwhile, Verus\u2019 native token, VRSC, showed little response to the exploit news.<\/p>\n\n\n\n<p>Data from <a href=\"https:\/\/www.coingecko.com?utm_source=chatgpt.com\">CoinGecko<\/a> showed the token remained mostly flat during the 24 hour period surrounding the attack.<\/p>\n\n\n\n<p>At the time of writing, VRSC was trading near $0.75, down 6% over the past 30 days and nearly 73% lower compared to its value one year ago.#crypto#cryptonews <a href=\"https:\/\/coinsignals.net\">https:\/\/coinsignals.net<\/a> <a href=\"https:\/\/t.me\/coinsignalpublic\">https:\/\/t.me\/coinsignalpublic<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Despite the size of the exploit, Verus\u2019 native token showed little immediate reaction following the attack. Hackers reportedly stole approximately $11.58 million from the Verus Ethereum&#46;&#46;&#46;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3179","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/posts\/3179","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/comments?post=3179"}],"version-history":[{"count":1,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/posts\/3179\/revisions"}],"predecessor-version":[{"id":3181,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/posts\/3179\/revisions\/3181"}],"wp:attachment":[{"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/media?parent=3179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/categories?post=3179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.coinsignals.net\/index.php\/wp-json\/wp\/v2\/tags?post=3179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}