Gravity Bridge Loses $5.4M After Ethereum Signing-Key Breach

Gravity Bridge lost about $5.4 million from its Ethereum-side contract on May 30 after a suspected signing-key compromise allowed apparently authorized withdrawals.

Gravity Bridge lost roughly $5.4 million from its Ethereum-side contract early on May 30 after on-chain investigators pointed to a compromised signing key that enabled withdrawals appearing to be authorized.

The attacker removed about $4.3 million in USD Coin (USDC), 274 ether (ETH) worth roughly $553,000, $434,000 in Tether (USDT) and PAYG tokens valued at about $64,000.

The drain originated from the bridge’s verified Ethereum contract, where privileged access allowed transactions that looked legitimate. On-chain analyst Specter was first to flag the incident and identified two attacker addresses linked to the theft. Security firm PeckShield and other on-chain monitors confirmed the totals and tracked portions of the funds as the attacker moved assets.

Most of the stolen stablecoins were swapped into ETH. The attacker now controls about 2,102 ETH, worth roughly $4.23 million at current prices. PeckShield reported that some proceeds were routed through the non-custodial service ChangeNow and through Binance in attempts to obscure the trail. The remaining ETH balance is visible on-chain but can be split, mixed through services or bridged to other chains, complicating recovery efforts.

Gravity Bridge connects Ethereum and the Cosmos ecosystem using the Inter-Blockchain Communication protocol (IBC), enabling tokens like USDC to move between chains. Before the exploit, the bridge held about $11.5 million in total value locked.

Cross-chain bridges have been the target of several high-profile attacks because keys that control validator sets or signing operations can act as single points of failure. Previous incidents include attacks on Ronin, Poly Network and the Meter bridge, along with a series of validator key failures. PeckShield counted eight major cross-chain bridge exploits in May that together totaled $328.6 million.

Stablecoin issuers can blacklist addresses quickly when funds land on custodial platforms, but assets routed through non-custodial services are harder to recover. The Gravity Bridge team has not issued a public statement about the incident.
