--- title: "Hyperbridge 攻擊者在一次價值 23.7 萬美元的攻擊中鑄造了 10 億個跨鏈 Polkadot 代幣" type: "News" locale: "zh-HK" url: "https://longbridge.com/zh-HK/news/282516414.md" description: "一名黑客利用 Hyperbridge 協議,鑄造了 10 億個橋接的 Polkadot 代幣,獲利約 237,000 美元。這次攻擊引發了人們對區塊鏈橋接的安全擔憂,因為黑客使用偽造的信息更改了以太坊上 Polkadot 代幣合約的管理員。Hyperbridge 已暫停運營以進行升級,而此次漏洞僅影響了以太坊上的橋接 DOT,未對更廣泛的 Polkadot 生態系統造成傷害。此外,由於另一個漏洞,SubQuery Network 也遭到攻擊,損失約 130,000 美元。儘管發生了這些事件,DeFi 領域的攻擊損失同比大幅減少" datetime: "2026-04-13T09:19:10.000Z" locales: - [zh-CN](https://longbridge.com/zh-CN/news/282516414.md) - [en](https://longbridge.com/en/news/282516414.md) - [zh-HK](https://longbridge.com/zh-HK/news/282516414.md) --- # Hyperbridge 攻擊者在一次價值 23.7 萬美元的攻擊中鑄造了 10 億個跨鏈 Polkadot 代幣 A hacker exploited the Polkadot-based cross-chain interoperability protocol Hyperbridge, netting about $237,000 and raising renewed security concerns about blockchain bridge infrastructure. An attacker minted 1 billion bridged Polkadot (DOT) tokens in a single transaction on Hyperbridge, according to blockchain data shared by cybersecurity platform CertiK. CertiK said the hacker managed to mint the tokens after he “slipped through a forged message to change the admin of Polkadot token contract on Ethereum.” However, the thin liquidity on Ethereum’s bridged DOT pool was overwhelmed by the 1 billion bridged DOT tokens, shrinking the attacker’s profits to just 108.2 Ether (ETH), worth around $237,000, after the swap. Cybersecurity research company Blocksec Falcon said the likely root cause of the exploit was a Merkle Mountain Range (MMR) proof replay vulnerability caused by missing proof-to-request binding, though the final root cause has not yet been confirmed by the protocol. Hyperbridge paused operations after the attack while the team worked on an upgrade, with contributor Web3 Philosopher saying the initial diagnosis pointed to a malicious proof that fooled the protocol’s Merkle tree verifier. Blockchain bridges let users move tokens and data between different networks. The exploit is notable because Hyperbridge has marketed itself as a proof-based interoperability layer built to deliver “full node security” for crosschain bridges. The incident also follows Aethir’s disclosure last week that it had contained a separate bridge exploit and kept user losses below $90,000. Cointelegraph has contacted Hyperbridge for comment on the root cause of the exploit. The exploit only affected DOT on Ethereum that was bridged through Hyperbridge, while native DOT tokens and the wider Polkadot ecosystem remain unaffected, Polkadot noted in a Monday X post. The native DOT token briefly dipped to a daily low of $1.16 on Monday, before recovering to trade above $1.19 at the time of writing, according to CoinGecko. **Hackers exploit SubQuery network for $130,000** Security incidents continue to hit crypto protocols despite a sharp year-over-year drop in DeFi exploit losses. On Sunday, the data indexing protocol SubQuery Network was also exploited for around $130,000 due to missing access control data that exposed the code written over two years ago. The vulnerability enabled the attacker to set his own contract as the withdrawal target for staking rewards, blockchain security auditor Pashov said in a Sunday X post. Hackers stole over $168 million from 34 decentralized finance (DeFi) protocols in the first quarter of 2026, marking a significant decline from the $1.58 billion stolen in the first quarter of 2025, when the record $1.4 billion Bybit hack occurred. ### 相關股票 - [TDOT.US](https://longbridge.com/zh-HK/quote/TDOT.US.md) - [ETHHKD.VAHK](https://longbridge.com/zh-HK/quote/ETHHKD.VAHK.md) - [ETHUSD.VAHK](https://longbridge.com/zh-HK/quote/ETHUSD.VAHK.md) ## 相關資訊與研究 - [長路説幣:5.15 以太坊區間內震盪運行,這樣操作收益蕞大](https://longbridge.com/zh-HK/news/286502448.md) - [以太坊基本面的改善會帶來市場結構變化嗎?](https://longbridge.com/zh-HK/news/286858332.md) - [長路説幣:5.19 以太坊高頻震盪,是築底還是下跌前兆?](https://longbridge.com/zh-HK/news/286849427.md) - [幣圈院士:5.19 多重技術指標全線背離 以太坊本輪下跌空間已經打開 最新行情分析](https://longbridge.com/zh-HK/news/286837743.md) - [Galaxy:Hyperliquid 生態重新吸納 USDC 成因及意義](https://longbridge.com/zh-HK/news/286703074.md)