<div id="readability-page-1" class="page"><p><img width="1536" height="1024" src="https://imageproxy.pbkrs.com/https://invezz.com/wp-content/uploads/2026/02/20260202_1446_Image-Generation_simple_compose_01kget7hmbf57tfe5r0j9zvsdh.png?x-oss-process=image/auto-orient,1/interlace,1/resize,w_1440,h_1440/quality,q_95/format,jpg" original-src="https://imageproxy.pbkrs.com/https://invezz.com/wp-content/uploads/2026/02/20260202_1446_Image-Generation_simple_compose_01kget7hmbf57tfe5r0j9zvsdh.png"/></p><p>Decentralised finance protocol CrossCurve has identified ten Ethereum wallet addresses involved in the exploit of its bridge infrastructure. </p><p>Unofficial estimates claim nearly $3 million worth of funds may have been drained.</p><p>The incident, which occurred on Sunday, involved a vulnerability in one of CrossCurve’s smart contracts that forms part of its cross-chain bridge infrastructure, which is designed to enable token transfers between different chains.</p><p>The breach has impacted several networks, and CrossCurve has urged users to avoid interacting with the protocol until the issue has been patched.</p><div><div><article><div><p><img src="https://imageproxy.pbkrs.com/https://pbs.twimg.com/profile_images/1930196711290372096/tjNXrPW-_normal.jpg?x-oss-process=image/auto-orient,1/interlace,1/resize,w_1440,h_1440/quality,q_95/format,jpg" width="48" height="48" original-src="https://imageproxy.pbkrs.com/https://pbs.twimg.com/profile_images/1930196711290372096/tjNXrPW-_normal.jpg"/></p></div><p><span>⚠️ URGENT Security NoticeDear users,Our bridge is currently under attack, involving the exploitation of a vulnerability in one of the smart contracts used.Please pause all interactions with CrossCurve while the investigation is ongoing.We appreciate your patience and</span></p><div><div><p><img src="https://imageproxy.pbkrs.com/https://pbs.twimg.com/media/HAGZ3naWwAAMO2W/query-Zm9ybWF0PWpwZyZuYW1lPXNtYWxs?x-oss-process=image/auto-orient,1/interlace,1/resize,w_1440,h_1440/quality,q_95/format,jpg" width="680" height="454" original-src="https://imageproxy.pbkrs.com/https://pbs.twimg.com/media/HAGZ3naWwAAMO2W/query-Zm9ybWF0PWpwZyZuYW1lPXNtYWxs"/></p></div></div><p>2:15 AM · Feb 2, 2026</p><p><span>Read 16 replies</span></p></article></div></div><p>Notably, an attacker leveraged a smart contract vulnerability to bypass message validation and trigger unauthorised fund releases.</p><p>A formal post-mortem of the incident has also not yet been published.</p><p>Defimon Alerts, a blockchain security tracker operated by Decurity, speculated that the vulnerability may have stemmed from improper validation logic in CrossCurve’s ReceiverAxelar contract. </p><p>Their analysis suggests that the contract’s expressExecute function could be triggered with “spoofed” cross-chain messages, bypassing the gateway authentication process that typically ensures message legitimacy.</p><p>As a result of this vulnerability, the attackers were able to simulate valid cross-chain communication and unlock tokens from the protocol’s PortalV2 contract without proper verification and withdraw funds from the bridge contract across multiple networks without depositing corresponding assets on the source chain.</p><p>Initial estimates from blockchain security firms place the total loss at around $3 million.</p><p>Cybersecurity firm BlockSec pegged total losses at approximately $2.76 million, with roughly $1.3 million taken from Ethereum and $1.28 million from Arbitrum. </p><p>Smaller amounts were drained across a range of other chains, including Optimism, Base, Mantle, Kava, Frax, Celo, and Blast.</p><p>At the time of writing, CrossCurve has not confirmed these external estimates or disclosed its own calculation of the affected funds.</p><h2>CrossCurve offers 10% bounty</h2><p>In a public statement, CrossCurve CEO Boris Povar said the team had traced the movement of stolen assets to ten specific Ethereum addresses. </p><p>He noted that the tokens were taken due to a smart contract flaw and appealed to the recipients to return the funds, stating that there was “no indication of malicious intent.”</p><p>“If the funds are not returned or no contact is established within 72 hours, we will have to assume malicious intent and treat this as a judicial matter,” Povar said. </p><p>The project will offer a 10% bounty if funds are returned within the given deadline, Povar added.</p><p>CrossCurve has previously marketed its multi-layered consensus bridge architecture as a safeguard against typical single points of failure in cross-chain systems.</p><p>Its validation stack includes integrations with networks such as Axelar and LayerZero alongside its proprietary EYWA Oracle Network. </p><p>In past documentation, the CrossCurve team has claimed that “the probability of several crosschain protocols getting hacked at the same time is near zero.”</p><p>The latest breach has also drawn comparisons to the 2022 Nomad Bridge exploit, which exposed similar vulnerabilities in validation logic. </p><p>At the time, a coding oversight in smart contract upgrades allowed users to copy and paste transactions to drain nearly $190 million in a free-for-all heist involving over 300 unique addresses.</p><p>The post CrossCurve identifies 10 wallets involved in the $3M bridge exploit appeared first on Invezz</p></div>

<p>CrossCurve has identified ten Ethereum wallets involved in a $3 million exploit of its bridge infrastructure, which was compromised due to a smart contract vulnerability. The breach allowed attackers to drain funds across multiple networks. CrossCurve has urged users to pause interactions with the protocol and is offering a 10% bounty for the return of stolen assets. The incident has drawn comparisons to previous exploits, highlighting vulnerabilities in cross-chain systems. A formal post-mortem has yet to be published, and the company has not confirmed external loss estimates.</p>

- CrossCurve identified ten Ethereum wallet addresses linked to a vulnerability exploit draining nearly $3 million from its bridge infrastructure.  
- The incident involved a flaw in the ReceiverAxelar contract that allowed unauthorized fund releases by bypassing message validation, impacting multiple networks.  
- CrossCurve has urged users to halt protocol interactions and offers a 10% bounty for the return of stolen funds, while comparisons to past exploits highlight ongoing security challenges in decentralized finance.

Invezz

Bitwise Ethereum Option Income Stgy ETF

Galaxy Digital

Roundhill COIN WeeklyPay ETF

Franklin Bitcoin ETF

Grayscale Bitcoin Trust BTC - ETF

VanEck Bitcoin ETF

21Shares Ethereum ETF

ARK 21Shares Active Ethereum Futures Strategy ETF

ARK 21Shares Bitcoin ETF

Invesco Galaxy Bitcoin ETF

Proshares Ether Strategy ETF

Bitwise Ethereum ETF

Mara

CoinShares Bitcoin ETF

YieldMax CryptoIndustry&TechPtfOptIncETF

Invesco Galaxy Ethereum ETF

Grayscale Ethereum Covered Call ETF

WisdomTree Bitcoin Fund

BTCS

Coinbase

Bitwise Bitcoin ETF

VanEck Ethereum ETF

Grayscale Ethereum Staking ETF

Riot Platforms

Leverage Shares 2X Long COIN Daily ETF

Dynamix

Direxion Daily Crypto Industry Bull2XETF

Bakkt

ProShares Bitcoin Strategy ETF

IShares Ethereum Trust ETF

Franklin Ethereum ETF

Fidelity Wise Origin Bitcoin Fund - ETF

Bitfarms Canada

Amplify Transform Data Sharing ETF

iShares Bitcoin Trust ETF

GraniteShares 2x Long COIN Daily ETF

Direxion Daily Crypto Industry Bear1XETF

YieldMax COIN Option Income Strategy ETF

Fidelity Ethereum Fund

Hut 8 Mining

Siren ETF Trust Siren Nasdaq NexGen Economy ETF

Grayscale Ethereum Mini Staking ETF

CHAIN BRIDGE I

CrossCurve identifies 10 wallets involved in the $3M bridge exploit