TLDR
- CrossCurve lost approximately $3 million due to a security breach.
- The breach affected multiple blockchain networks and liquidity pools.
- PortalV2 tokens dropped 15.1% in value following the incident.
CrossCurve, a cross-chain liquidity protocol, reported a security breach resulting in a loss of approximately $3 million. This exploit occurred between January 31 and February 1, 2026, affecting multiple blockchain networks. The vulnerability originated from a flaw in the ReceiverAxelar contract, which allowed attackers to send spoofed messages and drain liquidity from the PortalV2 pool.
As a precautionary measure, CrossCurve advised users to halt any interactions with their protocol during the ongoing investigation. The breach was particularly concerning, given the substantial drop in the PortalV2 contract balance from around $3 million to nearly zero. Furthermore, Curve Finance has recommended that liquidity providers assess and possibly withdraw their funds from affected pools.
Project Background and Key Figures
CrossCurve, previously known as EYWA, is supported by Michael Egorov, the founder of Curve Finance. The protocol has successfully raised $7 million in funding, although specific investor details remain undisclosed. So far, there have been no official statements from Egorov, CrossCurveโs founding team, or any other major players associated with the project. The only response has been a call to suspend protocol usage, communicated through social media platforms.
Security expert Taylor Monahan compared the CrossCurve breach to the Nomad bridge hack from 2022, where $190 million was lost due to similar security loopholes. This incident underscores the vulnerabilities that can occur in cross-chain technologies and reinforces the need for ongoing security audits and updates.
Economic Impact on Affected Assets
The exploit primarily impacted liquidity pools involving Ethereum (ETH) and related altcoins across various blockchain networks, causing an estimated $3 million in losses. Interestingly, Bitcoin (BTC) was not affected by this incident. The severe drop in the value of PortalV2 tokens, declining by 15.1% within a day to $0.00109, highlighted a significant erosion in market confidence.
The Total Value Locked (TVL) and liquidity exhibited sharp outflows as stakeholders rapidly withdrew their funds. This situation has yet to show any signs of stabilization, and market participants are closely monitoring the unfolding developments.
Contextualizing Within Historical Precedents
This attack shares notable similarities with the Nomad bridge exploit of 2022, in which hackers exploited weak validation processes to siphon off $190 million. The cumulative effect of these bridge hacks has amounted to losses of around $2.8 billion, accounting for 40% of all Web3 security breaches.
The lack of immediate regulatory responses from bodies like the SEC, CFTC, or ESMA, as well as the absence of proactive compliance measures, has left the community and developers to speculate on potential risks. Investigations continue, but the landscape remains tense without clear guidance or reassurance from the protocolโs leadership.
| Disclaimer: The content on defiliban.com is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions. |
