TL;DR
- the Secret network/ Axelar Bridge suspended after $4.67 million exploit.
- The attacker allegedly used forged IBC packages to mint unbacked encrypted assets.
- The timeline is important: exploitation on June 10, discovery on June 17, and bridge disabling on June 19.
Bridge security is back in focus
The Axelar bridge’s connection to the underground network has been suspended after a $4.67 million exploit was reported involving an indefinite vulnerability on the underground network side of the integration. This incident serves as another reminder that cross-chain bridges remain one of the most fragile layers of cryptocurrency infrastructure, even as the underlying networks in question continue to function.
The exploit reportedly centered on a modified CW20-ICS20 contract used for encrypted assets on the underground network. According to the source packet, the nodes failed to properly verify the source channel for incoming IBC messages. This verification hole allowed the attacker to create a private Cosmos chain, send forged IBC packets, and mint unsupported wrapped assets such as saUSDT and saUSDC.
How was the attack reported?
In a normal bridge setup, wrapped tokens must correspond to assets locked or deposited elsewhere. The main security assumption is that incoming messages are valid and come from approved paths. In this case, the attacker allegedly bypassed this assumption by injecting packets from a forged or private Cosmos chain.
Once the unbacked assets are minted, the attacker can redeem them for the assets held in escrow, turning the fake offer into real value. The exploit was not immediately discovered. The timeline provided in the verification package indicates that the attack occurred on June 10, and was detected on June 17, prompting Axelar to disable bridge communications on June 19 to contain the issue.
This sequence is important. This should not be framed as a breach that happened today. It was a previous exploit and went unnoticed for several days before the bridge connection was suspended.
Why are bridge bugs still so expensive?
Bridge accidents are particularly harmful because they occur between ecosystems. The vulnerability does not always need to break the layer 1 chain itself. It can exploit cross-chain assumptions, message formats, token contracts, and escrow balances. When one piece fails, attackers can sometimes fabricate the asset on one side and recover the value on the other.
to Decentralized finance For users, the immediate lesson is that wrapped assets hold more Smart contract And bridge risks beyond the risks of the underlying token. For protocols, the incident underscores the need for strict channel validation, external monitoring and rapid circuit breakers when transmission behavior becomes abnormal.
Suspending the bridge is a containment step, but the broader question is how much it will be affected Liquidity Service providers, users and infrastructure partners deal with losses, recovery and trust. Bridge exploits have shown time and again that cryptocurrency interoperability can create real benefit, but only if the verification layer is treated as critical security infrastructure rather than back-end integration details.
It also explains why bridge integrations need independent review when modifying contracts for a particular ecosystem. A simple change in message validation can create a very large gap between the view users see on one chain and the assets that actually support that view elsewhere. In bridge design, this gap is often where the worst losses begin.
This article was written by the News Desk and edited by Samuel Ray.
Editing process Bitcoinist focuses on providing well-researched, accurate, and unbiased content. We adhere to strict sourcing standards, and every page is carefully reviewed by our team of senior technology experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
