Key Highlights
- Aethir lost over $400K in a cross-chain exploit as funds quickly moved from BNB Chain to TRON wallets.
- Hackers used cross-chain tools to hide stolen Aethir funds, making tracking across blockchains harder for analysts.
- Experts link Aethir exploit risks to weak cross-chain security, with funds still sitting idle in TRON wallets.
A new crypto hack has shaken the market after attackers stole over $400,000 from Aethir’s system. The breach hit the AethirOFTAdapter, a tool used to move tokens across blockchains. Security firm PeckShieldAlert first flagged the issue on X after spotting unusual transactions.
The hacker then swiftly transferred the looted tokens from BNB Chain to the TRON blockchain via a cross-chain bridge service. According to PeckShieldAlert, the hacker executed a quick series of transactions to avoid detection while transferring the tokens from one blockchain to another.
The looted tokens initially went into a wallet on the BNB Smart Chain associated with the deBridge blockchain. The hacker then swiftly transferred the majority of the tokens to the TRON network, where they currently reside in multiple wallets.
Exploit path and fund movement
The attacker moved the stolen funds quickly using cross-chain tools, making them harder to trace. They used Symbiosis Finance to shift the assets from BNB Chain to TRON. Investigators have since identified two TRON wallets holding the funds. So far, there are no signs of major withdrawals. This suggests the attacker may be holding the money for now.
The exact cause of the hack is still not known. However, experts believe it may be linked to a smart contract bug or weak access controls. Cross-chain systems are also complex, which often makes them harder to secure and more likely to have hidden weaknesses.
Aethir has not made an official statement yet. The team is still likely investigating what went wrong and how the breach happened.
Rising risks in cross-chain DeFi
This attack adds to a rising number of bridge-related hacks in 2026. Attackers now focus more on cross-chain systems because they handle large amounts of funds. Earlier this year, CrossCurve lost about $3 million in a smart contract exploit. IoTeX also reported a $4.3 million breach linked to a compromised validator key.
Security experts have also raised concerns about insider risks in DeFi projects. There are growing fears around developers linked to North Korea. Taylor Monahan said, “Lots of DPRK IT workers built the protocols you know and love.” Reports suggest these actors have quietly worked within several platforms since 2020.
The Lazarus Group remains one of the most active hacking groups in crypto. Analysts estimate it has stolen around $7 billion since 2017. This latest Aethir incident adds to concerns about weak points in cross-chain systems and smart contract security.
Also Read: Pi Network v21.2 Upgrade Sparks Explorer Version Confusion
