CrossCurve Bridge Hacked for $3M as Vulnerable Smart Contract Gets Exploited Across Chains

TLDR

• CrossCurve bridge hacked, $3M drained as platform halts activity
• Smart contract flaw lets attacker siphon $3M from CrossCurve
• CrossCurve exploit spreads across chains, team freezes system
• $3M CrossCurve breach triggers shutdown and recovery push
• Bridge vulnerability drains CrossCurve funds across networks

CrossCurve confirmed a major breach that resulted in an estimated $3 million loss across several blockchains, and the team immediately halted platform activity. The project reported that an attacker exploited a weakness in a smart contract that enabled unauthorized token releases across networks. CrossCurve continues to examine the breach as it works to stabilize operations and limit further disruption.

CrossChain Exploit Hits CrossCurve Bridge

CrossCurve identified the attack after unusual movements drained assets from a key liquidity pool, and the team suspended interactions to prevent additional impact. The investigation revealed that the exploit targeted the ReceiverAxelar contract, which manages cross-chain messages for the bridge. CrossCurve noted that the failure of critical validation checks allowed the attacker to trigger the PortalV2 contract and release unbacked funds.

Security analysts observed that the exploit enabled forged cross-chain messages to bypass expected gateway verification and the attacker used this pathway to unlock assets without proper backing. The breach spread across multiple networks because the same validation gap existed throughout the bridge’s connected systems. CrossCurve confirmed that assets rapidly depleted across chains once the attacker executed repeated calls to the vulnerable function.

Decurity and other security researchers stated that the expressExecute function facilitated the unauthorized unlocks, and the design flaw created an opening for multi-chain exploitation. Their early assessments aligned with CrossCurve’s findings, and the teams coordinated to map the affected addresses. CrossCurve aims to provide a complete loss breakdown once the review of all movements concludes.

CrossCurve Issues 72-Hour Deadline After Identifying Wallets

CrossCurve published ten wallet addresses linked to the exploit and requested the return of funds within 72 hours. The team offered a reward of up to 10 percent for cooperation, and it stated that it seeks a constructive resolution before pursuing legal steps. CrossCurve added that it may escalate the case through law enforcement channels if funds remain unrecovered.

The protocol warned associated platforms about potential exposure because the exploit accessed assets across several chains and Curve Finance urged users with relevant allocations to review their positions. CrossCurve emphasized that its priority is preventing further unauthorized activity while ensuring users receive clear updates. The team plans to coordinate with other protocols to restrict the movement of the stolen tokens when possible.

The CEO stated that the breach resulted from a code vulnerability rather than normal user behavior, and he highlighted the importance of stronger validation structures in cross-chain systems. CrossCurve aims to reinforce its contracts after the investigation and intends to subject future upgrades to expanded reviews. The protocol expects to release a detailed incident report once all verification work is complete.

Broader Context and Ongoing Security Concerns

CrossCurve joins a growing list of projects hit by bridge-related exploits, and past failures have shown that cross-chain systems face persistent risks. The Ronin, Nomad and Wormhole breaches demonstrated that message validation flaws often lead to cascading failures across networks. CrossCurve acknowledged that its incident again highlights a vulnerability common in many bridging designs.

Recent research from cybersecurity firms indicated that attackers increasingly target the structure of blockchain systems and hidden malware in smart contracts has also raised alarm. These trends show that the threat landscape continues to shift, and cross-chain protocols face added pressure to maintain stronger defenses. CrossCurve intends to incorporate these emerging risks into its system upgrades.

CrossCurve encouraged users to practice safer interaction habits by verifying contract details and diversifying exposure across platforms, and the team stressed that early detection remains critical in reducing losses. The protocol continues work with auditors as it prepares recovery and mitigation steps. CrossCurve plans further announcements as the investigation advances and remediation measures are deployed.

The post CrossCurve Bridge Hacked for $3M as Vulnerable Smart Contract Gets Exploited Across Chains appeared first on CoinCentral.