Highlights:
- Hackers attacked CrossCurve bridge and stole nearly $3 million across several blockchain networks.
- Attackers bypassed validation checks and unlocked tokens using fake cross-chain messages.
- CrossCurve announced a 10% reward and warned it will take legal action if funds are not returned.
CrossCurve, a cross-chain crypto protocol, confirmed late Sunday that hackers attacked its bridge through a smart contract exploit. The attack caused nearly $3 million in losses across several blockchain networks. The team shared the update on X and asked users to stop all activity while the team worked to control the situation. Blockchain security analysts later confirmed that the attackers bypassed key validation checks. They unlocked tokens without permission. The incident again shows how weak cross-chain bridges remain. These bridges continue to be among the riskiest parts of decentralized finance.
Advertisement
⚠️ URGENT Security Notice
Dear users,
Our bridge is currently under attack, involving the exploitation of a vulnerability in one of the smart contracts used.
Please pause all interactions with CrossCurve while the investigation is ongoing.
We appreciate your patience and… pic.twitter.com/yfo1KvWoDd
— CrossCurve (@crosscurvefi) February 1, 2026
CrossCurve Smart Contract Flaw Lets Hackers Steal Millions
Defimon Alerts shared the exploit details on X. The account belongs to the blockchain security firm Decurity. According to the report, the attacker compromised one of CrossCurve’s smart contracts and stole about $3 million. The report also said the contract failed to properly verify cross-chain messages.
Because of this, anyone could fake a valid-looking message. As a result, the attacker bypassed the normal validation process and unlocked tokens without approval. More specifically, Defimon Alerts noted that anyone could call a function named expressExecute in the ReceiverAxelar contract. The attacker used this function to pass a fake cross-chain message. The call bypassed gateway checks and unlocked tokens on the PortalV2 contract.
The system trusted the message, so it released funds even though no transaction happened on the original chain. CrossCurve did not block this process in time and is now reviewing the affected contracts. The protocol has not confirmed whether all users will receive compensation for their losses.
CrossCurve @crosscurvefi (ex https://t.co/4HJ33uOZUS) has been exploited for around 3 million on several networks.
Anyone could call expressExecute on ReceiverAxelar contract with a spoofed cross-chain message, bypassing gateway validation and triggering unlock on PortalV2.… pic.twitter.com/EfYe3Tfo9v
— Defimon Alerts (@DefimonAlerts) February 1, 2026
In a post on X, Curve warned users whose voting power is tied to CrossCurve pools. It asked them to review their positions and consider removing their votes. The team also advised investors to stay alert and make risk-informed decisions when using third-party projects.
CrossCurve CEO Offers 10% Reward to Recover Stolen Tokens
In response, CrossCurve Chief Executive Officer Boris Povar shared ten wallet addresses linked to the stolen funds. He then offered a reward of up to 10% if the attacker returned the assets within 72 hours. He called this a white hat reward. Otherwise, Povar warned that the company will treat the attack as malicious if no one responds on time. CrossCurve will then work with law enforcement, file civil lawsuits, and coordinate with other crypto projects to freeze the funds.
Curve Finance, which has collaborated with CrossCurve, also issued a statement. The team advised users who had invested their votes in CrossCurve pools to reconsider their positions. Curve emphasized the importance of being risk-conscious when engaging with third-party protocols.
In light of the recent security incident involving https://t.co/3Wv3pEhCu8 (== CrossCurve):
Users who have allocated votes to Eywa-related pools may wish to review their positions and consider removing those votes. We continue to encourage all participants to remain vigilant and… https://t.co/chd5YBOXhr
— Curve Finance (@CurveFinance) February 1, 2026
Cross chain bridges have been a major target in crypto for years. Hackers have stolen billions through similar attacks. These include the Ronin Bridge hack, the Wormhole exploit, and the Nomad bridge failure. In each case, attackers abused flaws in message checks or validation logic. The CrossCurve breach follows the same pattern. A small mistake in the validation code led to heavy financial losses. These repeated incidents keep raising concerns among regulators, investors, and developers about cross-chain security.
eToro Platform
Best Crypto Exchange
- Over 90 top cryptos to trade
- Regulated by top-tier entities
- User-friendly trading app
- 30+ million users
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.
Advertisement
