Gravity Bridge Drained $5.4 Million After Compromised Signing Key, Validators Halt Operations
Image: The Block

Gravity Bridge Drained $5.4 Million After Compromised Signing Key, Validators Halt Operations

30 May, 2026.Crypto.10 sources

Key Takeaways

  • Gravity Bridge drained of about $5.4 million after a suspected signing-key compromise.
  • Validators halted the Ethereum-Cosmos bridge pending investigation into the breach.
  • Stolen assets included USDC, USDT, WETH, and ETH; some laundered.

$5.4M Bridge Drain

Cosmos-based cross-chain protocol Gravity Bridge was drained of roughly $5.4 million early Saturday after security researchers linked the incident to a compromised bridge signing key or keys rather than a flaw in the protocol’s code.

Gravity Bridge, a cross‑chain protocol connecting Ethereum [ETH] with the Cosmos ecosystem, was attacked on the 30th of May, adding to the string of exploits seen in 2026

AMBCryptoAMBCrypto

The Block reported that the stolen funds broke down to about $4.3 million in USDC, 274 wrapped ether worth roughly $553,000, $434,000 in tether, and 14.16 PAXG tokens worth about $64,000.

Image from AMBCrypto
AMBCryptoAMBCrypto

Cointelegraph said the exploit prompted validators to halt the bridge while an investigation is underway, after onchain analyst Specter first flagged unusual outflows on X.

Cointelegraph also quoted Specter’s assessment that "It appears the Gravity Bridge contract key may have been compromised, resulting in the theft of $5.4M," and said PeckShield confirmed the breakdown of the stolen assets.

The Gravity Bridge team acknowledged the incident on X and asked validators to stop their validators and orchestrators while the investigation continued, with Cointelegraph quoting the team’s instruction to "should halt their validators and orchestrators while this incident is being investigated."

Specter, PeckShield, and Laundering

Onchain analyst Specter first flagged the unusual outflows in a Saturday post on X, saying the bridge contract key may have been compromised and that the pattern suggested unauthorized withdrawals.

Cointelegraph reported that PeckShield confirmed the exploit and said a portion of the haul had already been laundered through instant-swap service ChangeNow and through Binance.

Image from Blockonomi
BlockonomiBlockonomi

Cointelegraph added that the theft wallet was still holding around 2,102 ETH worth approximately $4.23 million at the time of its report.

The Block said PeckShield’s tally matched the stolen-asset breakdown and reported that the assets were routed to an address ending in 7C62da1F9, while Specter identified the drained contract as an address ending in 1F2D906.

In a Gravity Bridge statement quoted by Cointelegraph, the team wrote, "There was an unfortunate incident on Gravity," and then said validators should halt their validators and orchestrators while the incident is investigated.

What Happens Next

Cointelegraph said Gravity Bridge acknowledged the incident on X without detailing what went wrong, and then confirmed in a follow-up post that the bridge had been halted.

Summary - Cosmos-based cross-chain bridge Gravity Bridge said it suffered a $5

bloomingbitbloomingbit

The Block reported that Gravity Bridge has not yet released a postmortem, leaving the exact entry point unconfirmed, even as researchers suspect compromised signing keys rather than smart contract bugs.

Cointelegraph described Gravity Bridge as a decentralized blockchain facilitating cross-chain transfers between Ethereum and Cosmos, and said it allows tokens to move from Ethereum to Cosmos wallets and DEXs like Osmosis and from Cosmos-based blockchains back to Ethereum platforms like Uniswap.

Cointelegraph also said Gravity Bridge’s native token is Graviton (GRAV), used by validators to secure the bridge, and that the token was trading at $0.0007053, down 4% over the past day according to data from CoinMarketCap.

The Block framed the incident as part of an ongoing pattern of 2026 bridge attacks where key security issues provide vulnerabilities rather than flaws in underlying smart contract code, noting that a similar root cause surfaced in the Kelp DAO and Resolv exploits earlier this year.

More on Crypto