Verus-Ethereum Bridge Loses $11 Million in Hack


A new spectacular attack has struck the cryptocurrency ecosystem. On May 18, 2026, the Verus-Ethereum cross-chain bridge was exploited for $11 million, marking another chapter in the ongoing series of security incidents targeting bridge infrastructure between blockchains. The attacker managed to divert a combination of tokens including tokenized bitcoin, ether, and stablecoins, before consolidating all funds into a single wallet visible on the Ethereum blockchain. This event revives the debate about the security of protocols enabling asset transfers between different chains and raises fundamental questions about the robustness of cross-chain verification mechanisms used by these critical infrastructures.

Context

Cross-chain bridges are essential protocols for the functioning of the modern blockchain ecosystem. These mechanisms enable users to transfer value and information between different distributed networks, facilitating the liquidity and interoperability that characterize the contemporary crypto space. The Verus-Ethereum bridge specifically allowed users to move assets between the Verus network and the Ethereum network, including ether and tokens complying with the ERC-20 standard. This cross-chain transfer capability has become a pillar of decentralized finance, allowing users to access yield opportunities across different platforms without going through centralized intermediaries.

Since the emergence of decentralized finance in 2020, cross-chain bridges have seen their usage grow exponentially. This growth has been accompanied by a proportional increase in their attractiveness to malicious actors. Historical data shows that bridge exploits consistently produce the largest individual losses in the crypto space each year. This structural trend continued in 2026 with several major incidents affecting the ecosystem. The Kelp DAO exploit had already caused a $293 million loss through a flaw in the LayerZero cross-chain messaging system. The Drift platform was also drained of $270 million through its blockchain-connecting infrastructure. These precedents illustrate the systemic vulnerability of these critical infrastructures.

The current economic and technological context makes these attacks particularly concerning. Traditional financial institutions and large investment funds have begun showing interest in digital assets through structured products and ETFs. This institutionalization of the crypto space makes the security stakes even more critical, as the amounts involved are now significant and the reputational implications for the sector are considerable. Cross-chain bridges sit at the crossroads of this evolution, serving both retail users seeking to maximize their yields and institutional actors looking to optimize their digital asset allocation.

The Facts

On May 18, 2026, the Verus-Ethereum bridge was the victim of an exploit that allowed the diversion of $11 million in cryptocurrencies. The stolen assets consisted of 103.6 tBTC (tokenized bitcoin from the Threshold Network), 1,625 ETH (ether), and 147,000 USDC (a US dollar stablecoin issued on the Ethereum network). This combination of tokens reflects a deliberate diversification strategy by the attacker, who sought to maximize the liquidity of the stolen funds while minimizing traceability risks.

The attacker subsequently consolidated all stolen funds into a single Ethereum wallet whose address is publicly visible: 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9. This address is now identified as malicious by major blockchain analysis platforms and is under close monitoring by ecosystem security teams. According to data collected by the security firm PeckShield, the hacker exchanged all stolen assets for 5,402.4 ETH, an operation that converted the entire haul into a single cryptocurrency, thus simplifying the subsequent money laundering process.

The exact mechanism of the exploit relies on a validation flaw in the bridge’s cross-chain verification system. This flaw allowed the attacker to bypass the cryptographic security mechanisms that normally protect cross-chain transactions. Specifically, the validation system between the source chain and the destination chain had a gap that made it possible to issue tokens on the target chain without holding the corresponding assets on the source chain. This technique, a manipulation of the price mechanism or an exploitation of the oracle between the two chains, made it possible to create assets from nothing, which were then exchanged for legitimate assets.

It is particularly noteworthy that the Verus side of the bridge displayed no real locked value at the precise moment of the attack. This absence of collateral suggests that the attacker identified a weakness in the way the protocol evaluates the value of cross-chain assets. The oracles used to determine exchange rates between the different cryptocurrencies deposited on the bridge can sometimes be manipulated through flash loan attacks or other market manipulation techniques. This flaw was exploited to drain reserves that were theoretically insufficient to cover the amounts claimed by the attacker.
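The property described above, that every release on the destination chain must be backed by assets locked on the source chain, can be checked by a monitor that runs independently of the bridge contracts. The following is an added example, not code from the Verus project or from the original article; the event fields, transfer ids and sample events are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample events (not real chain data); field names are assumptions.
SOURCE_LOCKS = [
    {"id": "t1", "asset": "USDC", "amount": Decimal("500")},
    {"id": "t2", "asset": "ETH", "amount": Decimal("2")},
]
DEST_RELEASES = [
    {"id": "t1", "asset": "USDC", "amount": Decimal("500")},    # fully backed
    {"id": "t2", "asset": "ETH", "amount": Decimal("3")},       # more than was locked
    {"id": "t1", "asset": "USDC", "amount": Decimal("500")},    # same transfer replayed
    {"id": "t9", "asset": "tBTC", "amount": Decimal("103.6")},  # no lock on the source
]

def reconcile(locks, releases):
    """Return (alerts, deficits).

    alerts:   one tuple per release that is not backed by a matching source lock.
    deficits: assets whose total released amount exceeds the total locked amount.
    """
    by_id = {lock["id"]: lock for lock in locks}
    backing = defaultdict(Decimal)          # net locked-minus-released per asset
    for lock in locks:
        backing[lock["asset"]] += lock["amount"]

    seen, alerts = set(), []
    for rel in releases:
        lock = by_id.get(rel["id"])
        if lock is None:
            reason = "no_source_lock"
        elif rel["id"] in seen:
            reason = "replayed_transfer"
        elif lock["asset"] != rel["asset"]:
            reason = "asset_mismatch"
        elif rel["amount"] > lock["amount"]:
            reason = "amount_exceeds_lock"
        else:
            reason = None
        seen.add(rel["id"])
        backing[rel["asset"]] -= rel["amount"]
        if reason:
            alerts.append((rel["id"], rel["asset"], reason))

    deficits = {asset: net for asset, net in backing.items() if net < 0}
    return alerts, deficits
```

A negative entry in `deficits` means the destination side has paid out more of an asset than the source side ever locked, which is the condition a bridge operator would want to page on or use to pause withdrawals.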

Analysis

This incident illustrates a significant evolution in attack strategies deployed against the cryptocurrency ecosystem. Malicious actors have progressively moved away from direct attacks on individual smart contracts in favor of operations targeting infrastructures connecting different blockchain networks. This methodological shift is explained by the pure economic logic driving exploit authors: by targeting cross-chain bridges, attackers can access considerably larger fund volumes in a single operation. An isolated smart contract may contain a few million dollars while a cross-chain bridge can potentially control hundreds of millions of dollars in liquidity.

The Phemex research group, specialized in cryptocurrency market analysis, published a public statement indicating that this concentration of losses on bridge infrastructures is not coincidental. According to their analyses, historical data clearly demonstrates that bridge exploits consistently produce the largest individual losses recorded in our sector each year. This statement is accompanied by figures showing that in 2026, the two largest losses suffered by the ecosystem come from infrastructures connecting chains or managing inter-protocol messaging, with respective amounts of $293 million and $270 million for the Kelp DAO and Drift incidents.

The collateral damage from these attacks is considerable and far exceeds the simple amount of stolen funds. The $293 million Kelp DAO exploit, which exploited the LayerZero messaging system, caused disruptions across the entire decentralized finance ecosystem. Many protocols using this messaging infrastructure had to suspend their operations while verifying their own security. Users who had no direct connection to Kelp DAO nevertheless suffered the consequences of this attack through general market volatility and declining yields available on DeFi protocols.

These repeated attacks underscore the growing complexity inherent in multi-chain environments. Bridge protocols must simultaneously validate the state of two distinct blockchains using fundamentally different consensus mechanisms. This double validation creates additional attack surfaces that do not exist in a single blockchain context. Developers must master not only the security of their own code but also the complex interactions between the different networks they seek to interconnect. This structural complexity explains why even experienced teams make errors that can have catastrophic consequences for their users.

Market Reactions

Cryptocurrency markets recorded increased volatility in the hours following the revelation of this incident. Major tokens experienced significant price fluctuations as investors reassessed their positions in the face of persistent security risks. The revelation of a new major attack on a cross-chain bridge naturally tends to generate a fear reaction among digital asset holders who worry that their funds may not be secure on decentralized protocols.

The market for tokens associated with bridges and cross-chain messaging protocols recorded particularly sharp declines in the sessions following the exploit announcement. Users and investors appear increasingly nervous in the face of the growing number of security incidents targeting these critical infrastructures. Protocols offering proprietary bridge services saw their tokens drop significantly as the market anticipates massive fund outflows from users seeking to reduce their exposure to these risks.

Insurance premiums on multi-chain DeFi protocols have seen a notable increase, reflecting the growing perception of systemic risk present in this market segment. Decentralized insurance platforms like Nexus Mutual or Etherisc have seen coverage demand for bridge protocols increase considerably. This premium increase testifies to a maturation of the crypto insurance market that continues to incorporate real risks associated with cross-chain infrastructures into its pricing models.

Reactions from major industry actors have been diverse. Some protocols immediately suspended their bridge operations to conduct independent security audits. Others published statements emphasizing that their infrastructures were different and not vulnerable to the type of attack that struck the Verus-Ethereum bridge. These distancing attempts are understandable from a commercial perspective but should not obscure the fact that the entire sector faces structural security challenges that require coordinated responses.

Perspectives

In the short term, the teams behind the Verus protocol will need to manage the crisis and communicate with affected users. Available options include reimbursement through the protocol’s reserve fund if such a fund exists, or submitting the question to a decentralized governance vote as is often the case in decentralized autonomous organizations. The coming days will be critical in determining the protocol’s ability to recover from this incident and maintain user trust. Decisions made regarding governance will be scrutinized by the entire ecosystem, which will see them as a precedent for the future management of similar incidents.

For users who regularly hold assets on cross-chain bridges, this incident recalls the vital importance of certain security practices. The rule of not keeping significant amounts on bridges for extended periods remains more relevant than ever. Users should also diversify their transfer routes and avoid concentrating all their cross-chain activities on a single protocol. Using established bridge protocols with positive security track records and regular audits by specialized firms represents a prudent approach in an environment where risks are structural.

In the medium to long term, this exploit could accelerate the development and adoption of more robust cross-chain verification solutions. Zero-knowledge proof technologies applied to cross-chain transaction validation offer promising prospects for solving the security problems currently afflicting these infrastructures. Protocols like LayerZero, Hyperlane and other similar initiatives are actively working on these solutions which could fundamentally transform how blockchains communicate with each other. The goal is to create verification mechanisms that do not require trust in a third party while guaranteeing the validity of each cross-chain transaction.

Financial regulators could also become more interested in these infrastructures, which represent a concentration point of systemic risk for the entire cryptocurrency sector. Regulatory authorities worldwide are watching DeFi developments and security incidents involving significant amounts with growing attention. The prospect of a specific regulatory framework for cross-chain bridges is no longer inconceivable and could emerge in the coming years if the frequency of attacks persists.
