On April 13, an unknown hacker exploited a vulnerability in the smart contract of the Hyperbridge cross-chain bridge, gaining admin rights and issuing 1 billion DOT tokens. This was reported by CertiK specialists.

#CertiKInsight 🚨

We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd

The attacker slipped through a forged message to change the admin of the Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.

Stay… pic.twitter.com/3t2n4uq5hy

— CertiK Alert (@CertiKAlert) April 13, 2026

After generating the tokens, the hacker sold the entire amount in a single transaction for 108.2 ETH (approximately $237,000).

The attack did not affect the main Polkadot network—only the ERC-20 version of its native coin operating on Ethereum.

As of this writing, the project team has not commented on the incident.

Following news of the exploit, the price of DOT dropped by 4% to $1.19.

Hourly chart of DOT/USDT on Binance. Source: TradingView.

Fake Ledger App

G. Love frontman Garrett Dutton lost 5.9 BTC (around $420,000) due to a fake Ledger app on the App Store.

I had a really tough day today I lost my retirement fund in a hack/Scam when I switched my @Ledger over to my new computer and by accident downloaded a malicious ledger app from the @Apple store. All my BTC gone in an instant.

— G. Love (@glove) April 11, 2026

"I had a really tough day. I lost all my retirement savings due to a hack," he wrote.

The musician explained that he downloaded the wallet on his new computer and entered his seed phrase. However, the software turned out to be fraudulent.

On-chain detective ZachXBT traced the stolen assets. The hacker had already moved the funds to deposit addresses on KuCoin, completing nine transactions.

Hi I traced out your 5.92 BTC stolen and it was all laundered via @kucoincom deposit addresses in the following transactions:

6f5c8eb6b01774626f33527e0cb03c0d1860447acacd6079e69bf41b459bcf1f
9ee1288f941b2c3775ebd125eefeebdc713aa160bf2cf9d18661fd07f84ce891…

— ZachXBT (@zachxbt) April 12, 2026

Neither Ledger nor Apple has responded to the incident.

It’s worth noting that in April of last year, scammers targeted users of hardware crypto wallets using paper letters.