A major cross‑chain bridge has been hit again, underscoring that bridge security remains one of crypto’s biggest unresolved vulnerabilities.
What happened
- On Monday the Verus–Ethereum bridge — which enables transfers of ETH and ERC‑20 tokens between the Verus network and Ethereum — was exploited.
- The attacker drained 103.6 tBTC (Threshold Network’s tokenized bitcoin), 1,625 ETH and 147,000 USDC.
- PeckShield reports the exploiter swapped the haul into 5,402.4 ETH (now worth more than $11 million) and currently holds those funds at address 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9.
Why this matters
Bridges and cross‑chain messaging layers continue to be the soft underbellies of the ecosystem. Rather than attacking on‑chain smart contracts directly, many recent incidents have targeted the infrastructure that connects chains — the very components that make seamless multi‑chain value transfer possible.
Context and precedent
Crypto exchange Phemex noted that the two largest losses in recent months, involving Drift and Kelp DAO, also stemmed from bridge or cross‑protocol messaging failures. In particular, the April Kelp DAO incident — which exploited LayerZero’s cross‑chain messaging system — resulted in roughly $293 million in losses and widespread knock‑on effects across DeFi. Several smaller exploits in the same timeframe likewise implicated bridge‑related components.
What this implies
The pattern is clear: cross‑chain bridges and messaging systems are repeatedly being abused for high‑value attacks, and those failures often produce the largest single losses in a given year. The Verus–Ethereum breach is the latest reminder that improving the security of cross‑chain infrastructure must be a top priority for the industry.
Next steps
Investigations are ongoing and users should monitor official updates from Verus, Threshold, and security trackers like PeckShield. Meanwhile, teams building or integrating bridges should prioritize rigorous audits, stronger operational controls and defensive patterns (timelocks, multisig, formal verification and monitoring) to reduce future systemic risk.
Read more AI-generated news on: undefined/news
