Alephium Bridge Exploited for $815,000 as Cross-Chain Hacks Surge

- Offchain backend flaw triggers largest-ever ALPH mint - Alephium urges LPs to pull funds as hacker moves assets cross-chain On May 31, 2026, CoinDesk reported that attackers had drained $815,000 from Alephium’s token bridge on Ethereum and BNB Chain after exploiting an offchain vulnerability in the bridge’s backend. The incident initially led some observers to suspect a compromised guardian key; however, Alephium later confirmed that a specific flaw in offchain logic enabled the attack. According to CoinDesk on May 31, 2026, the attackers manipulated the bridge’s offchain backend and forged transactions to bypass core security mechanisms. As a result, they were able to mint 13.76 million wrapped ALPH tokens, which exceeded the prior circulating supply, and they then unlocked further assets from custody contracts on both Ethereum and BNB Chain. The exploited funds were rapidly transferred across chains and laundered via privacy mixer Tornado Cash. Following the discovery of the exploit, Alephium immediately advised liquidity providers to withdraw funds from affected pools and froze its bridge infrastructure to minimize further losses. Recovery efforts are ongoing, and the bridge remains offline at the time of writing. The Alephium incident comes amid a surge of cross-chain bridge hacks in 2026 and adds to mounting losses across the sector. In addition, Alephium continues to coordinate recovery and security reviews as the decentralized finance (DeFi) space grapples with the persistent threat of cross-chain exploits.