An ongoing exploit has been detected on the Verus-Ethereum Bridge, with attackers successfully draining approximately $11.58 million in digital assets. The incident, which unfolded early on May 18, has sent ripples through the crypto community and added to the growing list of DeFi security incidents this year. According to reports from Blockaid and PeckShield, the attacker extracted significant amounts of ETH, tokenized Bitcoin (tBTC), and USDC from the bridge. The stolen funds were later swapped primarily into over 5,400 ETH and now sit in the drainer wallet 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9.
This marks yet another high-value breach targeting cross-chain infrastructure. These bridges continue to be a prime target for cybercriminals due to the large liquidity pools they manage.
🚨 Community alert:
Blockaid’s exploit detection system has identified an on-going exploit on the @veruscoin Verus-Ethereum Bridge (https://t.co/HEwYZqFEfC).
~$11.58M drained so far.More details in🧵
— Blockaid (@blockaid_) May 18, 2026
Details of the Incident
The Verus-Ethereum Bridge allows users to transfer assets between the Verus blockchain and the Ethereum network. The exploit targeted the bridge contract at address 0x71518580f36feceffe0721f06ba4703218cd7f63. Security researchers noted that the exploit resulted in the loss of:
- 1,625 ETH
- 103.6 tBTC (Threshold Network’s tokenized Bitcoin)
- 147,000 USDC
As of the latest updates, the bulk of the stolen assets remains under the attacker’s control. Blockaid described the situation as an active exploit when they first flagged it on social media and urged the community to stay vigilant.
VerusCoin is known as a privacy-oriented, community-driven blockchain project that has positioned its bridge as a secure solution for cross-chain transfers. The project had recently released a network update to address other potential issues. However, the team has not yet issued a detailed public statement regarding this specific breach as of reporting time.
Growing Concerns Over Bridge Security
Cross-chain bridges have become one of the most vulnerable areas in the cryptocurrency ecosystem. They hold substantial locked value to enable seamless transfers between different blockchains, making them attractive targets. This Verus incident contributes to an already concerning tally of DeFi losses in 2026. Bridge-related exploits form a significant portion of the year’s hacks.
The latest Verus-Ethereum Bridge exploit also follows a broader trend of attackers targeting cross-chain and DeFi infrastructure in 2026. Earlier this month, Wasabi Protocol suffered a multi-chain exploit that resulted in more than $5 million in losses, highlighting the increasing sophistication of attacks against interconnected blockchain systems.
Industry observers note that while bridges bring important interoperability to blockchain networks, repeated incidents highlight the need for stronger ongoing security practices and user caution. Earlier in May, other protocols also faced security challenges, keeping the overall DeFi hack tally climbing.
What Users and Holders Should Know
For anyone who has used the Verus-Ethereum Bridge or holds bridged assets, the immediate recommendations are:
- Avoid any further interactions with the bridge until the Verus team provides an official update and confirms the issue is resolved.
- Monitor official Verus communication channels including the website, X account, and Discord for announcements regarding the incident, potential recovery efforts, or next steps.
- Revoke approvals for bridge-related contracts on Ethereum if you have previously bridged assets.
- Be extremely cautious of scam messages, fake recovery offers, or suspicious links that often circulate after major hacks.
Security experts advise that users should always practice good wallet hygiene. This includes using hardware wallets where possible, double-checking contract addresses, and limiting approvals to only necessary amounts.
Looking Forward
This event comes at a time when the broader crypto industry is pushing for better standards in cross-chain technology. The Verus team is expected to release more information soon, including any plans for affected users or protocol adjustments.
The crypto community will be watching closely for how Verus responds and whether any portion of the funds can be recovered through on-chain monitoring or collaboration with security firms.
