Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Multichain bridge CrossCurve announced on Monday that it has suffered a serious problem, losing $ 3 million on several networks.
Decentralized finance protocol shows that there is a risk Its smart contracts has been used, raising security concerns for multi-level security.
“Our bridge is now under attack,” he wrote on the X platform, warning users to stop all interactions with Cross Curve.
Quick safety notice
Dear user,
Our bridge is currently under attack which involves exploiting a vulnerability in one of the smart contracts used.
Please cease all interactions with Cross Curve while the investigation is ongoing.
Thank you for your patience and cooperation… pic.twitter.com/yfo1KvWoDd
– CrossCurve (@crosscurvefi) February 1, 2026
Smart Contract Vulnerability: Hackers use fake messages
According to Cross Curve’s post, some user addresses received money from tokens due to the threat of a smart contract that was unfairly taken from other users.
“We do not believe that this was intentional on your part, and there is no indication of bad intentions. We hope that your cooperation will return the money,” the platform wrote, referring to all 10 addresses.
According to the blockchain security account Devimon Alerts, the future smart contract of the blockchain Akslar allows anyone to create a transit message, bypassing the gateway verification. This led to the unauthorized activation of tokens on Portal V2 nodes.
Cross Curve was used @crosscurvefi (formerly known as https://t.co/4HJ33uOZUS) about $3 million on multiple networks.
Anyone can make a call to ExpressExecute on the ReceiverAxelar node using a fake message, bypassing portal authentication and opening tokens on PortalV2.… pic.twitter.com/EfYe3Tfo9v
– Defimon Alerts (@DefimonAlerts) February 1, 2026
In addition, Curve Finance wrote that users who have submitted their votes to the platform’s affiliate pools “may want to reevaluate their positions and consider removing those votes.”
The scheme is supported by the founder of Curve Finance Michael Egorov and received $ 7 million in business financing in 2023.
Cross Curve offers a 10% interest rate to ethical hackers and sets a 72-hour deadline
According to the Responsible Vulnerability Disclosure Policy, which describes the process of managing a vulnerability report, if the hacker supports the refund, a 10% reward will be given.
“This makes you eligible to save up to 10% if the rest is returned,” the project team said.
Additionally, Cross Curve has set a 72-hour deadline for hackers to return the money. If proper communication is not established, the project team will quickly escalate.
This includes civil and criminal cases, as well as partnerships with trading platforms such as Coinbase and Binance, stablecoin providers, law enforcement, and blockchain analysis companies including Chainalysis, TRM Labs, and Elliptic.
It’s like the Cross Curve hack Using the Nomad bridge worth $190 million In 2022, when about 8,000 Solana wallets were hacked.
“In terms of prevention, smart security templates that are known to be safe, smart technology audits, and the secure life of a fixed program,” Andrew Morville, head of information security at Comino, told CryptoNews. “As the market matures, well-designed and updated protocols with real-time requirements will provide the reliability and security guarantees that investors demand.”
A note The smart contract of DeFi protocol CrossCurve was misused, causing the loss of $ 3 million on several chains. appeared for the first time Cryptonews Arabic.
