Hedera exploit appears to have moved more than $5.8 million in assets from the Hedera network to Ethereum. Consequently, HBAR has fallen more than 2% following the reports.
According to blockchain security researcher Specter, the suspected attacker had already bridged more than $3.7 million worth of assets from Hedera to Ethereum before continuing to move additional funds.
Why the Hedera exploit matters
Specter said the stolen assets were being swapped from Wrapped Bitcoin (WBTC) into Ether (ETH) after crossing chains through LayerZero. The researcher also published two wallet addresses believed to be linked to the incident.
At the time of writing, CryptoBull360 reported that the wallet’s estimated value had increased to roughly $5.8 million. This indicates that more assets had reached Ethereum after the initial transfers. The shared wallet data showed holdings of about 3,203 ETH (representing nearly 80% of the portfolio) alongside roughly 20% in WBTC.
According to TradingView data, Hedera price traded around $0.0669, down more than 3% following the reports of the suspected exploit.
Cross-chain transfers continue after the initial breach
As additional transactions appeared on-chain, blockchain security firm PeckShield said the suspected exploit had already transferred approximately $5.25 million from the Hedera mainnet to Ethereum. The firm added that the wallet held around 2,360 ETH (valued at roughly $4.25 million) and 15.58 WBTC (worth about $1 million) at the time of its analysis.
PeckShield also reported that the wallet had originally been funded with 1 ETH from Tornado Cash, citing on-chain transaction history. This observation identifies the source of the wallet’s initial funding. Nevertheless, it does not establish who controls the address or who carried out the alleged attack.
The wallet screenshots shared by both Specter and PeckShield showed a series of inbound transfers arriving within a short period before the assets were converted into ETH.
Investigation remains ongoing as official details are limited
Neither Specter nor PeckShield identified the party responsible for the suspected exploit. Additionally, no official estimate of the total losses had been released at the time of writing. The reported value of the stolen assets continued to change as additional funds were observed moving through the wallet.
The incident is still developing, with blockchain security researchers continuing to monitor the addresses and publish updates as new transactions appear on-chain. Meanwhile, market participants are watching for an official statement from the Hedera team regarding the reported exploit and any measures taken to contain its impact.
Wider security context
The Hedera incident comes amid a series of security-related developments reported by in recent weeks. For example, Blockaid recently said it detected an active exploit targeting Summer.fi, estimating losses of about $6 million at the time of its alert.
Separately, Ctrl Wallet announced it will permanently shut down after a security exploit affecting some Cardano wallets, giving users until Aug. 3 to withdraw their assets. Additionally, it was reported that Secret Network has proposed migrating SCRT from Cosmos to Arbitrum. The team cited security risks, weaker liquidity, and an aging codebase in its July 7 governance proposal.