Axelar is moving quickly to contain the damage after identifying a security incident that resulted in the loss of approximately $4.67 million in tokens.
The exploit targeted assets that were linked via the Inter-Blockchain Communication Protocol from the Axelar Chain to the Secret Network, and the cross-chain infrastructure provider has already taken emergency measures to shut down the affected connection while it works through containment and recovery.
Akslar The official statement confirms The team identified the incident affecting assets delivered via IBC to the Secret Network of the Axelar chain, with approximately $4.67 million in tokens taken in the hack. The announcement was direct about the extent of the loss and the immediate steps taken in response.
Identify the source of the violation
According to Axelar’s investigations to date, the vulnerability has been isolated to a specific component of the bridge infrastructure.
The issue goes back to the Secret-side smart contract ICS-20, which handles the Cosmos IBC connection between the Secret Network and Axelar, specifically the path used for assets moving from Axelar to Secret.
ICS-20 is a standard interface within the Cosmos IBC ecosystem designed to handle cross-chain transfers of fungible tokens.
When this contract layer is compromised, it can create an opportunity for unauthorized token issuances without requiring the attacker to breach the underlying verification toolkit or consensus mechanism of either chain in question.
Axelar’s framing of the problem as isolated to this specific decade aims to draw clear boundaries around what has actually been affected versus what remains safe.
Emergency response moves within minutes
Akslar’s emergency committee did not wait to fully diagnose the root cause before acting. The team confirmed that as soon as the Emergency Committee became aware of the incident, it completely disabled Secret and Secret-SNIP communications.
This decision effectively interrupts the compromised path, preventing any additional exploitation through the same vector while the investigation is ongoing.
Disabling a direct bridge connection is not a decision to make lightly, as it disrupts legitimate cross-chain activity for users who rely on that specific path for transfers.
But in the context of an active exploit, stopping the bridge is the only way to stem additional losses while the team determines exactly how the attacker gained access and whether there are any other paths that share the same underlying vulnerability.
In addition to the technical shutdown, Axelar says it is actively communicating with exchanges and relevant law enforcement agencies.
This communication is typically intended to flag stolen funds for tracking purposes and potentially freeze any assets moving across centralized platforms, giving investigators and affected parties the opportunity for partial recovery if the attacker attempts to cash out funds through regulated venues.
What is not affected across the ecosystem?
Axelar deliberately narrowly defined the scope of the incident, and the details are important to anyone who owns assets across the broader ecosystem. Secret networks Special statement It reflects Axelar’s assessment that the incident was specifically isolated to assets on Secret that were bridged via Axelar’s IBC.
No other IBC connections are affected, and no other PINs outside the affected bridge path show signs of compromise.
The scope extends to Axelar’s broader integration footprint as well. The team stated that no other Axelar integrations were affected by this incident, and more importantly, the underlying Axelar protocol itself was untouched.
This distinction is important for dozens of other chains and applications that rely on Axelar’s cross-chain messaging infrastructure, and the exploit appears to be limited to this specific secret network connection rather than representing a systemic vulnerability across Axelar’s broader integration network.
For users and protocols built on Axelar who have not been exposed to the underground network bridge, the practical impact of this incident should be minimal based on what has been revealed so far.
Why do bridge vulnerabilities keep appearing?
Cross-chain bridges have remained one of the most consistently exploited categories of infrastructure across the broader cryptocurrency ecosystem, and this latest incident fits a familiar pattern.
Bridges, by design, must translate trust and asset representation across two fundamentally separate environments, which means they often bring additional complexity to smart contracts compared to single-chain applications.
This complexity creates more potential attack surface. A vulnerability in a single contract that handles cross-chain transfers could expose the bridge to exploitation even when the underlying chains on both sides remain completely secure, which appears to be exactly what happened here.
The underlying Axelar protocol and Secret Network’s broader on-chain security were not the point of failure; The specific node was responsible for a single communication path.
For an ecosystem that relies heavily on business interoperability, moving assets, data and liquidity across dozens of chains, incidents like this reinforce the ongoing challenge of securing the connective tissue between blockchains, even as the blockchains themselves remain robust.
Disclosure: This is not trading or investment advice. Always do your research before purchasing any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash To stay up to date on the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!
