Syscoin pauses bridge after attacker minted 5B SYS

Syscoin paused its bridge after a validation error let an attacker create about 5 billion SYS on the UTXO chain. Developers are tracing tainted tokens and working with exchanges.

Syscoin paused its cross-chain bridge after a validation flaw in the bridge relay allowed an attacker to create roughly 5 billion unauthorized SYS on the project’s UTXO chain.

The relay accepted a transaction proof that should have been rejected, and the system treated the proof as valid, producing an unauthorized UTXO output of about 5 billion SYS.

Those tokens first appeared in a single address. They were later spent and split into two tainted balances of about 4 billion and 1 billion SYS across separate wallets.

Syscoin described the findings as preliminary and urged users not to interact with the bridge while it remains paused. The team identified the affected validation path and said a fix is in place; engineers are implementing and reviewing the correction and determining how to rectify the unauthorized output.

Developers are tracing the tainted tokens and notifying exchanges to flag and block contaminated balances from trading. The bridge pause is intended to prevent further cross-chain transfers while engineers validate the correction and audit the bridge flow.

The incident affected SYS’s market price. SYS fell more than 7% over 24 hours, trading near $0.0016 at the time of reporting, while the broader crypto market showed modest gains.

Blockchain monitoring firm PeckShield recorded 40 major security incidents in May 2026, including eight bridge and cross-chain exploits.

Syscoin said it will provide further updates after the internal review and remediation plan are complete.

Articles by this author