Cross-Chain Protocol Gravity Bridge Suffers $5.4 Million Attack — Details

Gravity Bridge, a Cosmos-native cross-chain protocol, was the target of a compromised-key attack, which led to the theft of roughly $5.4 million over the weekend. This latest security breach joins the growing list of exploits suffered in the decentralized finance (DeFi) space so far in 2026.

On Saturday, May 31st, blockchain sleuth Specter highlighted that Gravity Bridge might have been exploited through what he described as a signing key compromise. For context, a signing key compromise refers to the unauthorized disclosure or theft of a cryptographic key, allowing an attacker to then use it to decrypt sensitive information, forge digital signatures, or gain unauthorized access to systems and, as in this case, funds.

The analyst disclosed that the loot included crypto assets worth about $5..4 million, including $4.3 million in USDC, 274 wrapped Ether valued at roughly $553,000, $434,000 in USDT, and 14.16 PAXG tokens priced at about $64,000. According to security firm PeckShield, the bad actor has laundered a portion of the stolen funds through the ChangeNOW and Binance exchanges, but still holds over 2,100 Ether (worth approximately $4.23 million).

The team behind Gravity Bridge confirmed the attack on Saturday, saying that validators and orchestrators should halt their operations while they investigate the exploit. “Thanks to the swift action of validators, the bridge is currently halted while investigations continue,” the protocol announced in a subsequent post on social media post.

Gravity Bridge is a cross-chain protocol that works by locking tokens on the Ethereum network and creating direct replicas of the crypto assets on the Cosmos network, relying on validator signatures to authorize each transfer. Hence, the protocol would treat even forged transactions as legitimate if a bad actor gets the appropriate signing keys.

If confirmed as a key compromise, this Gravity Bridge incident would align with the ongoing pattern of crypto bridge attacks, in which breaches are typically embedded in access controls rather than in the underlying smart contract code. This pattern can be observed in the majority of the recent exploits, with Kelp DAO’s $292 million attack a notable incident.

As mentioned earlier, Gravity Bridge’s $5.4 million hack joins the growing list of hacks that have rocked the crypto industry, especially the DeFi sector, in 2026. Specifically, bridges appear to have been a soft target for attackers in this period.

Specifically, a TRM Labs report identified April 2026 as the most hacked month, with the highest number of incidents in crypto history. These attacks included the aforementioned $292 million Kelp DAO hack and Drift Protocol’s $285 million loss.