Year × Attack dossier

Bridge Exploit attacks in 2022

Total losses

$1.29B

6 incidents

№ 001Bridge ExploitOctober 6, 2022
BNB Chain Cross-Chain Bridge Hack
A flawed Merkle proof verification in BSC's native bridge let the attacker forge withdrawals for 2M BNB before validators paused the chain.
BNB ChainBNB ChainPartially Recovered
Loss
586.0M
USD
№ 002Bridge ExploitAugust 1, 2022
Nomad Bridge Drain
A routine upgrade marked the zero hash as a valid root, turning every Nomad message into a withdrawal anyone could copy-paste.
NomadEthereumMoonbeamAvalanchePartially Recovered
Loss
190.0M
USD
№ 003Bridge ExploitJune 24, 2022
Harmony Horizon Bridge
Lazarus compromised two of five operator multi-sig keys on Harmony's cross-chain bridge and drained $100M; the 2-of-5 quorum was below its risk profile.
HarmonyEthereumHarmonyFunds Stolen
Loss
100.0M
USD
№ 004Bridge ExploitFebruary 5, 2022
Meter.io Bridge Fake Deposit
Meter Passport bridge lost $4.4M when its deposit handler trusted a wrapped-token transfer amount that could be set without backing, minting bridged BNB/ETH.
Meter.ioMeterBNB ChainFunds Stolen
Loss
4.4M
USD
№ 005Bridge ExploitFebruary 2, 2022
Wormhole Bridge Exploit
A signature-verification bypass on Wormhole's Solana side let the attacker mint 120,000 wETH out of thin air — backed by no Ethereum collateral.
WormholeSolanaEthereumRecovered
Loss
326.0M
USD
№ 006Bridge ExploitJanuary 27, 2022
Qubit QBridge Infinite Mint
An attacker tricked Qubit's BSC bridge into minting 77,162 qXETH ($185M nominal) without depositing any ETH, borrowing 206,809 BNB ($80M).
Qubit FinanceBNB ChainEthereumFunds Stolen
Loss
80.0M
USD

BNB Chain Cross-Chain Bridge Hack

Nomad Bridge Drain

Harmony Horizon Bridge

Meter.io Bridge Fake Deposit

Wormhole Bridge Exploit

Qubit QBridge Infinite Mint