Another Cross-Chain Protocol Falls Victim to Bridge Exploit

The post Another Cross-Chain Protocol Falls Victim to Bridge Exploit appeared on BitcoinEthereumNews.com.

Crime Cross-chain protocol CrossCurve has confirmed an active security incident after attackers exploited a flaw in one of its bridge-related smart contracts, draining roughly $3 million in assets across multiple blockchain networks. Key Takeaways CrossCurve suffered an estimated $3 million loss after a flaw allowed spoofed cross-chain messages to bypass validation. The exploit targeted bridge-related smart contracts and affected multiple networks. Partners and users are being urged to reassess exposure as investigations remain ongoing. The team acknowledged the breach in a public statement, warning users to immediately halt all interactions with CrossCurve while an internal investigation is underway. According to the protocol, the attack stems from a vulnerability tied to its cross-chain infrastructure rather than user-facing applications. How the exploit unfolded Blockchain security monitor Defimon Alerts traced the incident to a weakness in a contract linked to CrossCurve’s Axelar-based message handling. The flaw allowed malicious actors to forge cross-chain messages and bypass standard validation checks, ultimately triggering unauthorized token unlocks on the PortalV2 contract. In practical terms, attackers were able to call a privileged execution function using spoofed data, giving them access to funds that should have remained locked. On-chain data indicates the exploit was carried out on several networks, suggesting a coordinated and automated attack rather than a single isolated transaction. Multiple attacker addresses have already been identified, and fund movements show a rapid outflow shortly after the exploit was initiated. Protocol response and ecosystem impact CrossCurve stated that it is actively working with security partners to assess the full scope of the damage and determine whether additional contracts may be affected. No timeline has been given yet for a potential fix or the resumption of normal operations. The incident has also prompted caution from partners in the broader DeFi ecosystem. Curve Finance, which has existing integrations with CrossCurve,…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ February 2, 2026 5:19 am