Verus-Ethereum bridge drained of $11.58M
Attackers moved 103.6 tBTC, 1,625 ETH and 147,000 USDC into one wallet from the Verus-Ethereum bridge, totaling about $11.58 million, security firms reported.
Security firms flagged a breach of the Verus-Ethereum bridge after attackers transferred about 103.6 tBTC, 1,625 ETH and 147,000 USDC into a single wallet, a haul valued at roughly $11.58 million.
Blockchain security platform Blockaid identified the attacker’s externally owned account as 0x5aBb91B9c01A5Ed3aE762d32B236595B459D5777 and alerted users to unusual activity on Monday. PeckShield calculated that the stolen tokens were swapped into 5,402.4 ETH, placing the converted value at about $11.4 million, and that the funds currently sit at wallet 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9.
Blockaid noted the attacker’s account received an initial 1 ETH deposit via Tornado Cash roughly 14 hours before the transfers were detected, indicating use of a coin-mixing service before moving the funds.
The Verus incident followed a separate disruption three days earlier involving THORChain, where a vault breach removed more than $10 million from protocol-held funds. THORChain posted, “THORChain contributors are still actively investigating the recent incident alongside THORSec and external security partners. More information will be shared as the investigation progresses.”
DeFiLlama data shows at least 13 protocols, including Verus, were targeted in May, with cumulative reported losses for the month exceeding $20 million. In April, protocols recorded greater losses, totaling more than $606 million across 12 incidents; the largest single event that month was the KelpDAO bridge drain, which removed about $292 million.
Security teams are tracing on-chain flows from the Verus bridge to determine how the attacker gained access and whether a bridge or protocol vulnerability was exploited. Firms handling the analysis have published the relevant wallet addresses and token movements but have not released a technical postmortem attributing the breach to a specific fault.
Investigations remain active. Affected projects typically coordinate with exchanges, on-chain analytics firms and law enforcement to flag stolen funds and seek recoveries. The funds linked to the Verus-Ethereum bridge exploit remain traceable on-chain and are held in the attacker-controlled wallet identified by security researchers.








