Ongoing exploit drains $11.6 million from Verus-Ethereum bridge: Blockaid

An active exploit has drained $11.6 million from the Verus-Ethereum bridge, security firm Blockaid reported. The attack siphoned 103.6 tBTC, 1,625 ETH, and 147,000 USDC from the bridge contract.

Peckshield first flagged the vulnerability, triggering immediate awareness across the blockchain security community. The theft spans multiple asset classes, indicating a systemic compromise rather than a targeted drain of a single token. Bitcoin-backed assets represent the largest portion of losses by denomination, though the combined value of Ethereum and stablecoin withdrawals adds substantial exposure.

Verus is a privacy-focused blockchain that bridges to Ethereum to enable cross-chain liquidity. Bridge exploits remain among the highest-severity attack vectors in crypto, given the concentration of user funds in custody contracts. The Verus-Ethereum bridge failure follows a pattern of repeated bridge compromises that have cost users billions since 2021, including the Ronin bridge hack, Poly Network exploit, and Wormhole attack.

The ongoing nature of the exploit suggests attackers continue accessing the bridge's authentication mechanism or smart contract logic. This creates urgent pressure for Verus developers to halt further withdrawals and patch the vulnerability. Users with assets on the bridge face immediate counterparty risk until administrators restrict transactions or implement emergency safeguards.

The incident underscores persistent challenges in bridge architecture. Centralized validation mechanisms, vulnerable code, or compromised private keys remain common attack surfaces. Verus must now establish whether the compromise stems from smart contract logic flaws, stolen admin keys, or an infrastructure breach.

Blockaid's detection highlights the role of real-time monitoring services in catching exploits before attackers fully drain reserves. However, early warnings only matter if bridge operators respond decisively. The $11.6 million loss represents a significant blow to Verus ecosystem confidence and adds pressure on multi-chain protocols to improve security standards before deploying cross-chain infrastructure.