A wallet labelled “Bridged DOT Exploiter” executed a sophisticated transaction on Ethereum, minting and swapping 1 billion fake Polkadot (DOT) tokens worth a nominal $1.18 billion through Uniswap V4. On-chain records show the attacker created two new contracts and used the Odos Router V3 and Uniswap V4 Pool Manager to move the fabricated tokens, ultimately extracting approximately 108.2 ETH ($238,000) in real value.
The transaction, confirmed five hours ago at block 24868295, involved the exploiter sending 1 billion DOT from a null address to a newly deployed contract, then routing it through multiple hops before converting portions into ETH. The entire sequence was completed in a single transaction with a minimal gas fee of $0.75.
Polkadot(@Polkadot) has been exploited. 🚨
The attacker minted 1B $DOT and dumped it all in a single transaction for 108.2 $ETH($237K).https://t.co/4pStYrGb8y pic.twitter.com/wRplAWNnBg
— Lookonchain (@lookonchain) April 13, 2026
In response to the incident, Polkadot confirmed in a post on X that the exploit is limited to DOT bridged to Ethereum via Hyperbridge. The team clarified that native DOT on the Polkadot network, as well as DOT bridged through other channels, remains unaffected.
Polkadot also stated that Hyperbridge has been temporarily halted as investigations into the vulnerability continue. Although the attack was confined to bridged DOT tokens on Ethereum and did not impact the core Polkadot blockchain, market sentiment was still affected.
Funds flow through multiple contracts
The flow involved newly created contracts and the Odos Router V3, a popular aggregator. The exploiter used the “Bridged DOT Exploiter” label, suggesting this may be a continuation of previous bridged-asset exploits or a deliberate attempt to mimic legitimate cross-chain activity.
A significant portion was swapped for 108.2 ETH, which was then transferred back to the exploiter’s address. The remaining fake tokens appear to have been used to manipulate liquidity or create the illusion of massive volume before the real ETH was extracted. No major liquidation or flash loan was visible in this specific transaction, indicating the attacker relied on the ability to mint unlimited fake tokens and quickly exit with real ETH.
Meanwhile, Uniswap governance has launched a crucial temperature check proposal to activate protocol fees across all remaining Uniswap v3 pools on the Ethereum mainnet and expand fee collection to eight additional blockchain networks.
Enjoyed this piece? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights.
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytics tools.
