Cross-Chain Bridge Hacks: The Full Record & Why Bridges Get Drained (2026)
An honest, sourced look at the biggest cross-chain bridge hacks — Ronin ($625M), Poly Network ($611M), BNB Bridge, Wormhole, Nomad, Multichain, Harmony and more — why bridges are crypto’s #1 hack target (~$2B in 2022, ~69% of all theft), how user outcomes differed, and how to cut your own bridge risk. Figures as of June 2026, with sources.
Updated June 2026 · Nakta
Quick answer
- Cross-chain bridges are crypto’s most-attacked component. Chainalysis estimated ~$2 billion stolen from bridges across 13 hacks in 2022 — about 69% of all crypto stolen that year.
- The biggest were Ronin (2022, ~$625M, Lazarus — users made whole by Sky Mavis) and Poly Network (2021, ~$611M — the attacker returned nearly everything). Others: BNB Bridge (2022, ~$570M minted, mostly frozen), Wormhole (2022, ~$325M, made whole by Jump Crypto), Nomad (2022, ~$190M).
- Outcomes varied wildly. Multichain (2023, ~$126M, insider/rug) and Harmony (2022, ~$100M, Lazarus) were permanent losses. Whether users were repaid depended on whether a solvent, honest team stood behind the bridge — not on the size of the hack.
- Why bridges, specifically: they pool everyone’s liquidity in one place, run complex custom code, and often rely on just a few signer keys (Ronin 5/9, Harmony 2/5) — a honeypot for state-level attackers.
- How to cut your risk: bridge as little as possible, never park funds in a bridge, prefer buying on the destination chain via an exchange, and keep long-term holdings in self-custody.
- This page gives the full incident table, why bridges get hacked, the findings, the protection rules and sources. Not investment advice.
What this page covers
1. The finding: bridges are crypto’s #1 hack target
2. Bridge security at a glance
3. Full record: major cross-chain bridge hacks & outcomes (2026)
4. Why bridges keep getting drained
5. Three findings that contradict the hype
6. How to cut your bridge risk
7. Lower-risk alternative: buy on the destination chain
8. Next steps
1. The finding: bridges are crypto’s #1 hack target
2. Bridge security at a glance
3. Full record: major cross-chain bridge hacks & outcomes (2026)
4. Why bridges keep getting drained
5. Three findings that contradict the hype
6. How to cut your bridge risk
7. Lower-risk alternative: buy on the destination chain
8. Next steps
1. The finding: bridges are crypto’s #1 hack target
Cross-chain bridges are the single most-attacked part of crypto. A bridge locks up huge amounts of assets in one set of contracts so they can move between blockchains — which makes it a magnet for hackers. According to Chainalysis, roughly $2 billion was stolen from bridges across 13 separate hacks in 2022 alone, accounting for about 69% of all crypto stolen that year.
Here are the largest cross-chain bridge hacks on record, as of June 2026:
| Bridge | Year | Amount | Outcome for users |
|---|---|---|---|
| Ronin (Axie Infinity) | 2022 | ~$625M | Made whole — Sky Mavis raised funds and reimbursed users |
| Poly Network | 2021 | ~$611M | Returned — the attacker gave back nearly all funds |
| BNB Chain Bridge | 2022 | ~$570M minted | Mostly contained — validators halted the chain; most funds frozen |
| Wormhole | 2022 | ~$325M | Made whole — Jump Crypto replaced the funds |
| Nomad | 2022 | ~$190M | Mostly lost — a chaotic free-for-all; only part returned |
| Multichain | 2023 | ~$126M | Lost — insider/rug suspected; protocol shut down |
| Harmony Horizon | 2022 | ~$100M | Lost — users not made whole (Lazarus-linked) |
The one-line takeaway: bridge hacks are common and large, but the outcome for users varies wildly — from full reimbursement (Wormhole, Ronin) or a returned heist (Poly Network) to permanent loss (Multichain, Harmony). The safest move for most people is to bridge as little as possible, and never leave funds sitting in a bridge. Figures as of June 2026; verify current numbers on official sources.
2. Bridge security at a glance
The headline picture at a glance:
🌉Cross-Chain Bridge HacksWhat the bridge hack record actually tells you — as of June 2026
| Why it matters | Bridges = crypto’s #1 hack target |
| 2022 alone | ~$2B stolen across 13 bridge hacks (Chainalysis) |
| Share of all theft | ~69% of crypto stolen in 2022 came from bridges |
| Largest | Ronin ~$625M (2022) · Poly Network ~$611M (2021) |
| Best outcome | Poly Network — attacker returned nearly everything |
| Worst outcome | Multichain ~$126M — insider/rug, never recovered |
| Core risk | Pooled liquidity + complex code + few signers |
| As of | June 2026 (verify current figures officially) |
The pattern is blunt: bridges concentrate enormous value behind code and a small set of signers, so when one breaks, the loss is huge. Whether you get hurt depends almost entirely on who was behind the bridge and how solvent and honest they were afterward — not on the size of the hack itself.
3. Full record: major cross-chain bridge hacks & outcomes (2026)
The full record of major cross-chain bridge exploits and how each was handled, as of June 2026. “Made whole” means users did not ultimately bear the loss.
| Bridge | Date | Loss | How it happened | Outcome |
|---|---|---|---|---|
| Ronin (Axie Infinity) | Mar 2022 | ~$625M | Attackers gained control of 5 of 9 validator keys and forged withdrawals (173,600 ETH + 25.5M USDC). FBI attributed it to North Korea’s Lazarus Group. | Users made whole. Sky Mavis raised ~$150M and reimbursed users, then rebuilt the bridge. |
| Poly Network | Aug 2021 | ~$611M | A flaw in the cross-chain manager contract let the attacker reassign ownership and drain assets across three chains. | Funds returned. The attacker (“Mr. White Hat”) gave back nearly all of it within ~15 days. |
| BNB Chain Bridge | Oct 2022 | ~$570M minted (~$100M+ extracted) | A forged proof let the attacker mint ~2M BNB out of thin air on the BSC Token Hub. | Mostly contained. Validators paused the chain; the majority of funds were frozen before they could leave. |
| Wormhole | Feb 2022 | ~$325M | A signature-verification flaw let the attacker mint 120,000 wETH on Solana without backing. | Users made whole. Jump Crypto replaced the funds; the ETH was later recovered via a counter-exploit in 2023. |
| Nomad | Aug 2022 | ~$190M | A faulty upgrade marked every message as valid, so anyone could copy the exploit transaction — a public “free-for-all.” | Mostly lost. White-hats returned ~$36M+, but most was gone. |
| Multichain | Jul 2023 | ~$126M | Bridge keys were effectively controlled by an absent CEO (reportedly detained); large unauthorized withdrawals followed — widely seen as an insider event or rug pull. | Lost. Funds were not recovered and the protocol shut down. |
| Harmony Horizon | Jun 2022 | ~$100M | Just 2 of 5 multisig keys were compromised, enough to approve withdrawals. Lazarus-linked. | Not made whole. A proposal to mint new tokens to repay was rejected by the community. |
| Orbit Chain | Dec 2023 | ~$82M | Unidentified access to the Orbit Bridge drained multiple assets on New Year’s Eve. | Not recovered. |
| Synapse (defended) | Nov 2021 | ~$8M attempt | An attacker exploited a flaw in code forked from Saddle.Finance and tried to drain a pool. | Funds saved. Validators paused the network and reversed the transaction before it finalized. |
Sources & method: incident figures and outcomes compiled June 2026 from public reporting and on-chain analysis (e.g. Chainalysis, Elliptic, exchange/protocol post-mortems and FBI/US Treasury attributions for the Ronin and Harmony hacks). Amounts are approximate at the time of each event and shift with price and recovery. “Made whole” reflects public reporting that users did not ultimately bear the loss.
How to read this honestly: notice that the biggest two — Ronin and Poly Network — had the best user outcomes (reimbursed; returned), while smaller hacks like Multichain and Harmony were total losses. Size of the breach tells you little; what matters is whether a solvent, honest team stood behind the bridge. Synapse is the rare case where the design caught the attack in time — a reminder that “can pause and reverse” is a safety feature, but it also means the bridge isn’t trustless.
4. Why bridges keep getting drained
Why do bridges, specifically, keep getting drained? Four structural reasons — and they don’t go away just because a bridge is popular.
| Reason | Why it creates risk |
|---|---|
| Pooled liquidity = one giant target | A bridge locks the assets for every user in one set of contracts. Break it once and the whole pool is exposed — a far bigger prize than attacking one wallet. |
| Complex, custom code | Bridges stitch together different chains with novel, hard-to-audit logic. Several hacks (Wormhole, Nomad, Poly Network) came from a single subtle bug in that logic. |
| Few signers / centralized keys | Many “decentralized” bridges rely on a small multisig or validator set. Ronin (5 of 9), Harmony (2 of 5) and Multichain all fell because a handful of keys were enough. |
| Honeypot for state-level attackers | The sums are large enough to attract professional crews — North Korea’s Lazarus Group is tied to Ronin and Harmony alone (well over $700M). |
One line: a bridge is only as safe as its weakest signer and its least-audited line of code — and it holds everyone’s money in one place. That combination is exactly why bridges, not wallets, dominate the biggest-hacks list.
5. Three findings that contradict the hype
Three findings stand out from the data — and each corrects a common belief.
| Finding | Why it matters |
|---|---|
| 1. “Decentralized” bridges often weren’t | The keys that failed at Ronin, Harmony and Multichain were a small, trusted set. A bridge with a 2-of-5 multisig is a custodian, not a trustless protocol — judge it accordingly. |
| 2. Recovery is the exception, not the rule | Users got made whole when a deep-pocketed backer chose to cover it (Jump for Wormhole, Sky Mavis for Ronin) or the attacker returned it (Poly Network). When no one solvent stood behind the bridge (Multichain, Harmony), the money was simply gone. |
| 3. The safest bridge transaction is the one you don’t make | Every hour your funds sit in a bridge contract is exposure. Bridging quickly and rarely — or avoiding it altogether — removes you from the single riskiest part of crypto. |
The pattern: don’t ask “is this bridge audited?” — ask “who would actually make me whole if it broke, and how few keys protect my money?” Most bridges answer both badly.
6. How to cut your bridge risk
You can’t make bridge risk zero, but you can cut your exposure to a fraction. Practical rules:
| Rule | Why |
|---|---|
| Buy on the destination chain instead of bridging | If you want an asset on a specific chain, it’s often safer to buy it directly on an exchange and withdraw to that chain than to bridge it yourself. No bridge contract risk at all. |
| Never store funds in a bridge | Bridge in, use the funds, bridge out — don’t leave a balance parked in the bridge or its LP. Exposure is a function of time. |
| Prefer large, battle-tested bridges | Established bridges with deep audits, bug bounties and a solvent team behind them are safer than a new high-yield one — but “established” is not “safe,” as Multichain showed. |
| Move the rest to self-custody | For anything you’re holding rather than actively moving, a wallet you control beats leaving assets exposed to bridge or exchange contracts. |
| Treat “safe high-APY bridge” pitches as red flags | Outsized yields for providing bridge liquidity price in exactly this risk. “Guaranteed safe” cross-chain yield is a classic scam framing. |
Bottom line: bridging is sometimes necessary, but it’s the riskiest routine action in crypto. Minimize it, never park funds in it, and keep long-term holdings in self-custody.
7. Lower-risk alternative: buy on the destination chain
The lowest-risk way to get an asset onto the chain you want is often to skip the bridge entirely: buy it on an exchange and withdraw directly to that network. These are the exchanges we keep dashboard-verified sign-up guides for — entering a referral code at sign-up applies fee perks:
Binance
Code: CRYPTONAKTA
Installing the app directly? Enter CRYPTONAKTA in the “Referral” field at sign-up — that’s how your benefit (and our credit) attaches.
Huge multi-chain withdrawal support · 10% off fees with CRYPTONAKTA
Bybit
Code: 5ZGKX#0
Installing the app directly? Enter 5ZGKX#0 in the “Referral” field at sign-up — that’s how your benefit (and our credit) attaches.
Deep liquidity · many networks for withdrawal
OKX
Code: 46938989
Installing the app directly? Enter 46938989 in the “Referral” field at sign-up — that’s how your benefit (and our credit) attaches.
Wide chain support + built-in Web3 wallet
Gate.io
Code: VFIWUQTAUQ
Installing the app directly? Enter VFIWUQTAUQ in the “Referral” field at sign-up — that’s how your benefit (and our credit) attaches.
Many chains/tokens · lifetime 10% fee discount
MEXC
Code: 43zJH
Installing the app directly? Enter 43zJH in the “Referral” field at sign-up — that’s how your benefit (and our credit) attaches.
Broad new-token & network coverage
Affiliate disclosure: some links are partner links. We may earn a commission at no extra cost to you. This is not investment advice.
Honest reminder: exchanges carry their own risks (see our exchange hack history) — keep only what you actively trade on any platform, secure the account with app-based 2FA and withdrawal whitelists, and move long-term holdings to self-custody. No bridge, exchange or referral is risk-free.
8. Next steps
The honest summary: cross-chain bridges hold enormous value behind complex code and a few keys, which is why they — not wallets — dominate crypto’s biggest-hacks list (~$2B in 2022, ~69% of all theft). The biggest breaches, Ronin and Poly Network, ended best because a solvent backer reimbursed users or the attacker returned the funds; smaller ones like Multichain and Harmony were permanent losses because no one solvent stood behind them. So treat any bridge as higher-risk: bridge rarely and quickly, never park funds in a bridge, and where possible buy the asset on the chain you want via an exchange instead. Keep only trading-size balances on any platform, secure accounts with app-based 2FA and withdrawal whitelists, and move long-term holdings to a wallet you control. Learn the traps in the scams guide, see how centralized platforms compare in the exchange hack history, and if you’re weighing a bridge token itself, read our Synapse (SYN) analysis. New to all of it? Start at the complete beginner’s guide.
Frequently asked questions
Q. What is a cross-chain bridge, and why is it risky?
A bridge moves crypto from one blockchain to another by locking your asset in a contract on the source chain and releasing an equivalent on the destination chain. It’s risky because it pools many users’ assets in one set of contracts, runs complex custom code, and often relies on a small number of signer keys — so a single bug or key compromise can drain everyone at once. That’s why bridges are the most-attacked part of crypto.
Q. What was the biggest bridge hack?
The largest was the Ronin Network bridge hack of March 2022, at roughly $625 million (173,600 ETH and 25.5M USDC), attributed by the FBI to North Korea’s Lazarus Group. Poly Network in August 2021 was a similar size (~$611M) but the attacker returned almost all of it. By dollars stolen, bridges hold most of crypto’s biggest-hack records.
Q. Did users get their money back after bridge hacks?
It depended entirely on who was behind the bridge. Wormhole users were made whole because Jump Crypto replaced the ~$325M; Ronin users were reimbursed by Sky Mavis; Poly Network’s attacker returned the funds. But Multichain (~$126M) and Harmony (~$100M) were largely permanent losses because no solvent, willing party covered them. Reimbursement is the exception, not a guarantee.
Q. How much has been stolen from bridges?
Chainalysis estimated about $2 billion was stolen from cross-chain bridges across 13 separate hacks in 2022 alone — roughly 69% of all crypto stolen that year. Major incidents have continued since (e.g. Multichain ~$126M in 2023, Orbit Chain ~$82M in late 2023), keeping bridges at the top of the risk list.
Q. Are crypto bridges safe to use?
No bridge is risk-free, and bridges as a category have the worst hack record in crypto. You can reduce exposure by using large, battle-tested bridges, bridging small amounts quickly, never leaving funds parked in a bridge, and — where possible — buying the asset directly on an exchange and withdrawing to your target chain instead of bridging. Treat any “guaranteed safe” or high-APY bridge pitch as a red flag.
Q. What’s the safest way to move crypto between chains?
For many people the lowest-risk route is to skip the bridge: buy the asset on an exchange that supports your target network and withdraw directly to it, which avoids bridge-contract risk entirely. If you must bridge, use a major audited bridge, move only what you need, and bridge out promptly rather than holding a balance in the bridge.
Q. Was the Synapse bridge ever hacked?
Synapse faced an exploit attempt in November 2021 (~$8M) via code forked from Saddle.Finance, but its validators paused the network and reversed the transaction before it finalized, so funds were saved. That’s a genuine plus — but the ability to pause and reverse also means the bridge is not trustless. See our full Synapse (SYN) analysis for the details.
Q. Are these bridge hack figures accurate?
They are approximate, point-in-time estimates compiled as of June 2026 from public reporting and on-chain analysis (Chainalysis, Elliptic, protocol post-mortems and law-enforcement attributions). Loss amounts shift with token prices and any recovery, and details emerge over time — treat them as orders of magnitude and verify current figures on official sources.
This page is for information and education only and is not investment, financial, legal or tax advice. Crypto is high-risk and you can lose money. The bridge security events, loss amounts and outcomes described here are approximate, point-in-time figures compiled as of June 2026 from public reporting and on-chain analysis; they are summaries, not a complete record, and details change over time. “Made whole” reflects public reporting that users did not ultimately bear the loss in a given incident and is not a promise of future conduct; no bridge, protocol or exchange is risk-free. Always verify current figures and a protocol’s security posture on official sources before acting. Some links are partner links: using them costs you nothing extra and never changes what we recommend.
Compare the best crypto exchanges (a lower-risk way to go cross-chain) →
