Cosmos-based Gravity Bridge halts bridge after reported $5.4M exploit
Gravity Bridge, a decentralized Ethereum-Cosmos bridge, was reportedly drained of about $5.4 million after its contract key may have been compromised. Onchain analyst Specter first spotted the unusual outflows, and security firm PeckShield confirmed the exploit. Stolen assets included roughly $4.3 million in USDC, 274 WETH worth about $553,000, $434,000 in USDT, and 14.164 PAXG worth around $64,000. PeckShield said some funds had already been laundered through ChangeNow and Binance, while about 2,102 ETH remained in the attacker wallet. Gravity Bridge acknowledged an “unfortunate incident,” told validators to halt, and later confirmed the bridge was paused. The bridge uses its full validator set to authorize transfers and is designed to be more decentralized than multi-signature bridge models. The incident adds to growing concern over bridge security and broader DeFi risk.
