Gravity Bridge hacked for $5.4M; funds sent to Binance, ChangeNow
On May 30 Gravity Bridge lost about $5.4 million in a hack. The attacker took $4.3M in USDC, 274 ETH and other tokens and routed proceeds via Binance and ChangeNow, Peckshield reported.
Gravity Bridge was drained of about $5.4 million on May 30, according to blockchain security firm Peckshield. The attacker removed around $4.3 million in USD Coin (USDC), 274 ether (ETH), $434,000 in Tether (USDT) and roughly 14.164 PAYG tokens.
Peckshield reported the exploiter moved funds quickly and routed part of the haul through the noncustodial swap service ChangeNow and the centralized exchange Binance. At the time of the alert the attacker still held about 2,102 ETH, worth roughly $4.23 million, indicating most of the stolen value remained onchain and potentially traceable.
Routing funds through an exchange can combine stolen coins with legitimate liquidity and can allow an exchange’s compliance team to freeze assets if it acts. Swap services such as ChangeNow are often used to convert assets into different tokens before they reach an exchange.
Gravity Bridge connects Ethereum and the Cosmos network and operates on a lock-and-mint model: tokens are locked on one chain and an equivalent token is minted on the other, then burned and redeemed when bridged back. Rather than relying on a small multisignature wallet or a permissioned operator group, Gravity Bridge uses its validator set to sign cross-chain transactions.
Bridges concentrate large pools of locked assets, which makes them frequent targets. A single flaw in validation logic or cross-chain verification can allow attackers to move those funds.
The incident adds to a series of cross-chain exploits tracked this year. Peckshield reported more than $328 million lost across eight bridge hacks through mid-May 2026. Recent cases include an estimated $11.5 million drain from the Verus-Ethereum bridge on May 18; an April exploit that removed more than $200 million from Drift Protocol; a breach that took 116,500 rsETH from KelpDAO’s LayerZero adapter; and a $2.4 million flash-loan attack on a Shibarium bridge.
How much of the Gravity Bridge haul can be recovered is unclear. With significant ETH still onchain, exchanges and blockchain analytics firms have an opportunity to flag and freeze assets. In a prior case the Verus attacker returned $8.5 million while retaining $2.8 million under a recovery agreement.
Users and investors are awaiting an official incident report from Gravity Bridge explaining the root cause and any plan for reimbursing affected depositors.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
