Hyperbridge

The next era of interoperability has begun. You can now bridge & swap your USDC and USDT seamlessly across EVM networks, powered by Hyperbridge. But it doesn’t end there, there’s always more…

Hello @bcgame team, Thank you for taking the proactive action of freezing these assets. This swift action has helped prevent the laundering of stolen funds and will greatly assist our ongoing investigation. We are reaching out here because our previous attempts to contact you earlier this week - via email to martin@bcgame.com and direct messages on X - were unsuccessful. We would like to coordinate with you to facilitate the recovery of these tokens and further investigate this exploit. Could you please arrange for the relevant DOT currently in your possession (along with any subsequent relevant deposits) to be returned to the Hyperbridge Sovereign Account: 13cKp88n27dzGussks75PWsnuKzQf4iMJSee31yvDBVvWDmU (Address verification available here: assethub-polkadot.subscan.io/account/13cKp8…)

Beware of impersonators. Anyone DMing about returns, recovery services, or wallet signature requests is a scam. Use only @hyperbridge on X, Telegram, or Discord and the sovereign address above

One day left. After April 30, wallet addresses still holding unreturned funds will be referred to law enforcement, alongside the on-chain evidence and transaction histories our forensics partners have compiled

Recovery update on the April 13 Token Gateway exploit. ~45,000 DOT is in active recovery from a single identified party. A separate ~100,000 DOT is frozen at @bcgame flagged by their own systems for suspicious activity — and we will be engaging with the platform on recovery

A security note: Expect scammers to impersonate this account, post fake addresses, and drop phishing links in replies. Only use the address and email in this thread. Verify both before sending anything.

If you're still holding funds from the exploit, the window is open. Same terms. DOT: send to the Sovereign Account — assethub-polkadot.subscan.io/account/13cKp8… Other assets: email ops@polytope.technology

Update on the April 13 Token Gateway exploit: 5.44 ETH and ~180k CERE have been voluntarily returned — the first return since we opened the no-questions-asked window. Funds are being returned to Cere and Bifrost, where some pools were affected by the exploit.

During our ongoing investigation into the April 13 Token Gateway exploit, we have identified that a number of regular Hyperbridge users, distinct from the original attacker, also withdrew funds from the DOT escrow during or shortly after the incident. After the attacker drained the pools, the price of DOT in those pools became severely distorted relative to other assets. This meant that a small amount of another token could be swapped for a disproportionately large amount of DOT, which some users bridged back to Polkadot. Whether or not this was done with full understanding of the circumstances, these funds belong to the affected liquidity providers whose pools were drained. We are offering a 14-day voluntary return window. Funds returned to the address below will be treated as good-faith acts. Return address (Hyperbridge Sovereign Account): (assethub-polkadot.subscan.io/account/13cKp8…) After this window closes, wallet addresses still holding unreturned funds will be referred to law enforcement alongside the on-chain evidence our forensics partners have compiled. These wallets have been identified and their full transaction histories are documented. If you are unsure whether this applies to you, or if you need assistance with the return process, reach out ops@polytope.technology.

Please disregard any unsolicited DMs, wallet signature requests, or accounts claiming to represent Hyperbridge or offering recovery services. Our only official channels are @hyperbridge on X, Telegram, and Discord. The full update is available here: blog.hyperbridge.network/recovery-and-n…

What this exploit has made clear, expensively, is that verification logic needs more frequent audits and adversarial testing at every layer of the stack. That is the standard Token Gateway will operate under going forward.

An update on the April 13 Hyperbridge Token Gateway exploit. Our initial loss estimate of approximately $237K has been revised upward to approximately $2.5M, with most of the increase reflecting losses from incentive pools across Ethereum, Base, BNB Chain, and Arbitrum.