{"id":21082,"date":"2026-02-02T09:16:26","date_gmt":"2026-02-02T09:16:26","guid":{"rendered":"https:\/\/bitunikey.com\/news\/crosscurve-exploited-for-3-million-in-multi-network-bridge-attack\/"},"modified":"2026-02-02T09:16:31","modified_gmt":"2026-02-02T09:16:31","slug":"crosscurve-exploited-for-3-million-in-multi-network-bridge-attack","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/crosscurve-exploited-for-3-million-in-multi-network-bridge-attack\/","title":{"rendered":"CrossCurve exploited for $3 million in multi-network bridge attack"},"content":{"rendered":"<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Cross-chain liquidity protocol CrossCurve has been targeted in a smart contract exploit, with attackers draining roughly $3 million across multiple networks.<\/p>\n<div id=\"cn-block-summary-block_1b773686efa202fa3354c1bb1205bc75\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>CrossCurve has confirmed a $3 million exploit involving spoofed cross-chain messages that bypassed bridge validation.<\/li>\n<li>The protocol has offered a 10% bounty for the return of funds.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>CrossCurve confirmed the exploit via a Feb. 2 X <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/crosscurvefi\/status\/2018063302199488687?s=20\" target=\"_blank\" rel=\"nofollow\">post<\/a> and has requested all users to \u201cpause all interactions\u201d with the protocol until the vulnerability has been patched.<\/p>\n<p>In a follow-up <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/crosscurvefi\/status\/2018091623909835018?s=20\" target=\"_blank\" rel=\"nofollow\">post<\/a>, the protocol said it had identified 10 addresses that had received tokens from the exploit and urged the attackers to return the funds in exchange for a reward.<\/p>\n<p>\u201cWe do not believe this was intentional on your part, and there is no indication of malicious intent. We hope for your cooperation in returning the funds,\u201d CrossCurve wrote.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h1 class=\"wp-block-heading\">CrossCurve announces bounty<\/h1>\n<p>The protocol has offered 10% of the stolen funds as a bounty, similar to what it offers under its SafeHarbor WhiteHat policy.<\/p>\n<p>If the funds are not returned within 72 hours, the protocol has vowed to pursue legal options, including civil litigation to recover damages and coordinate with law enforcement and other projects to freeze the assets.<\/p>\n<p>At the time of publication, CrossCurve has not released an official post-mortem report regarding the extent of losses and how many users may have been affected.<\/p>\n<p>According to blockchain security account Defimon Alerts, total losses may be close to $3 million.<\/p>\n<p>\u201cAnyone could call expressExecute on ReceiverAxelar contract with a spoofed cross-chain message, bypassing gateway validation and triggering unlock on PortalV2,\u201d Defimon said.<\/p>\n<p>Arkham Intelligence data cited by Defimon showed the balance of the PortalV2 contract dropping to near zero around January 31.<\/p>\n<figure class=\"wp-block-image size-large\"><figcaption class=\"wp-element-caption\">Wallet address associated with CrossCruve. | Source: <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/DefimonAlerts\/status\/2018055069762240741?s=20\" target=\"_blank\" rel=\"nofollow\">Defimon Alerts on X\/\/DefimonAlerts<\/a><\/figcaption><\/figure>\n<p>CrossCurve, formerly known as EYWA Protocol, operates a cross-chain DEX and consensus bridge built in collaboration with Curve Finance. It uses a consensus mechanism that routes transactions through multiple independent validation protocols to reduce single points of failure.<\/p>\n<p>\u201cUsers who have allocated votes to Eywa-related pools may wish to review their positions and consider removing those votes. We continue to encourage all participants to remain vigilant and make risk-aware decisions when interacting with third-party projects,\u201d the official Curve Finance X account <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/CurveFinance\/status\/2018072427213767109?s=20\" target=\"_blank\" rel=\"nofollow\">posted<\/a> after the incident was confirmed.<\/p>\n<h2 class=\"wp-block-heading\">SagaEVM chain exploited just weeks before<\/h2>\n<p>The CrossCurve incident is the second major exploit in recent weeks, as it closely follows the SagaEVM chain smart contract breach, which resulted in the loss of approximately $7 million in bridged assets.\u00a0<\/p>\n<p>As previously reported by crypto.news, Saga had to pause the SagaEVM chain and work with bridge operators to blacklist the address and limit further movement of funds.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cross-chain liquidity protocol CrossCurve has been targeted in a smart contract exploit, with attackers draining roughly $3 million across multiple networks. Summary CrossCurve has confirmed a $3 million exploit involving&hellip;<\/p>\n","protected":false},"author":1,"featured_media":12580,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-21082","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/21082","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=21082"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/21082\/revisions"}],"predecessor-version":[{"id":21083,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/21082\/revisions\/21083"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/12580"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=21082"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=21082"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=21082"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}