Taiko, an Ethereum layer-2 network, has urged users to withdraw assets from its bridges after an exploit led to losses of about $1.7 million. The issue stemmed from a failure in the chain state verification system, allowing attackers to forge transactions and withdraw funds from the protocol’s ERC20 vault without authorization.
The network confirmed its bridge verification mechanism was compromised, undermining the reliability of all bridges operating on Taiko. Affected systems have been paused while the team works with partners to contain the breach.
Faulty validation enabled forged transactions
Cybersecurity firm Blockaid said the exploit originated from a flawed validation process that allowed Ethereum to accept falsified proofs not backed by legitimate Taiko transactions. Attackers were able to generate fake bridge messages and later redeem them to unlock assets that were never properly deposited.
Estimates of losses vary slightly. Blockaid placed the figure above $1 million, while Lookonchain and PeckShield calculated roughly $1.7 million. PeckShield also traced nearly 1.99 million Taiko tokens, worth about $189,000, moved to a trading platform after the attack. Data from Arkham Intelligence shows wallets tied to the exploit still hold around $1.5 million, mostly in Ether.
Token pressure and containment efforts
The Taiko token is trading near $0.084, down roughly 98% from its 2024 peak, reflecting prolonged pressure alongside the latest security incident.
In response, the team has instructed users to withdraw funds from affected bridges and coordinated with centralized platforms to halt token deposits. Block production on the network has also been paused to limit further damage and support the investigation.
Part of a broader wave of defi attacks
The exploit adds to a growing list of decentralized finance breaches in June, with at least 23 incidents recorded so far. Earlier in the month, Humanity Protocol and Syscoin Bridge suffered losses exceeding $30 million and $8 million, respectively.
Other platforms hit include Secret Network, which lost about $4.67 million, and OLPC/LABUBU liquidity pools, which were drained of $1.1 million. Additional incidents have affected Aztec Connect, RetoSwap, and Raydium AMM.
Rising risks around cross-chain infrastructure
Bridge-related vulnerabilities continue to be a major weak point across the sector. These systems, which connect different blockchains, have accounted for more than $328 million in losses in 2026 alone. The second quarter has seen a record pace of exploits, with roughly 70 incidents reported.
Losses across the digital asset space exceeded $840 million in the first five months of the year, marking a sharp increase from the same period last year and signaling a more aggressive threat environment.
Focus turns to post-mortem and recovery
The focus now shifts to Taiko’s forthcoming technical review, which is expected to detail how the validation failure occurred and what safeguards will be implemented. The depth and transparency of that report will likely shape how quickly confidence in the network can recover.
Worried about Taiko’s exploit? Learn how crypto security breaches happen and protect your assets from future DeFi risks.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.
