Cross-chain bridge Gravity Bridge, which enables asset transfers between Ethereum and the Cosmos ecosystem, fell victim to a security incident on May 30. On-chain monitoring firms detected unauthorized outflows totaling roughly $5.4 million from the protocol’s Ethereum contract. Analysts largely attribute the breach to a compromise of critical signing keys rather than any flaw in the smart contract logic itself.
Detailed tracking revealed the stolen assets included approximately $4.3 million in USDC, 274 ETH (valued at around $553,000 at the time), $434,000 in USDT, and about 14,164 PAYG tokens worth roughly $64,000.
The transactions carried signatures that appeared legitimate, indicating the attacker had obtained privileged access to the bridge’s validation mechanisms.
On-chain researcher Specter was among the earliest to flag the suspicious activity, identifying linked addresses and highlighting signs of a key or signing path breach.
Security platforms PeckShield and Cyvers Alerts soon provided asset breakdowns and confirmed the scale of the drain.
The perpetrator moved quickly to obscure the funds’ trail, routing portions through non-custodial swap services like ChangeNow and addresses associated with the Binance exchange.
At last check, the attacker retained control of approximately 2,102 ETH, equivalent to about $4.23 million.
Gravity Bridge uses a decentralized validator network for approving cross-chain messages via the Inter-Blockchain Communication (IBC) protocol.
While this setup aims to distribute trust, it still depends heavily on secure key management.
The bridge’s total value locked before the incident was in the low tens of millions of dollars, making the $5.4 million loss a substantial hit.
In response, the Gravity team issued a brief statement acknowledging an “unfortunate incident” and instructed validators and orchestrators to pause operations immediately.
The bridge was subsequently halted pending a full investigation.
Users were directed to follow official channels for further updates, though details on potential recovery efforts or a comprehensive postmortem remain pending.
This breach adds to a troubling pattern for cross-chain infrastructure. Industry trackers note that bridge-related exploits have surpassed $328 million in losses during May 2026 alone.
#PeckShieldAlert The @gravity_bridge has been drained of ~$5.4M, including $4.3M $USDC, 274 $ETH (~$553K), $434K $USDT & 14.164 $PAYG ($64K)
The hacker has laundered a portion of the stolen assets through #ChangeNow & #Binance, and is still holding 2.102K $ETH (~$4.23M).
— PeckShieldAlert (@PeckShieldAlert) May 30, 2026
Past high-profile cases, including those involving centralized signing setups, have demonstrated how concentrated control points can undermine even well-designed decentralized systems.
The recent incident serves as a reminder of persistent interoperability risks in decentralized finance.
As bridges grow more vital for liquidity across ecosystems, stronger emphasis on key custody best practices, multi-layered validation, timelocks, and real-time monitoring will be crucial. Participants in Gravity Bridge are awaiting further clarity from the team while the broader crypto sector assesses implications for similar protocols.