Data compiled by Woofun AI shows that hackers exploited a vulnerability in the Secret Network and Axelar cross-chain bridge contract on June 10th, creating fake deposits to mint uncollateralized tokens. The attackers cashed out approximately $4.67 million, with the breach remaining undetected for seven days until a routine cross-chain transfer failed on June 17th due to insufficient custodial funds, revealing the anomaly.

The vulnerability stemmed from the removal of two key verification functions during the contract's transition from a custodial to a minting model, compounded by a lack of external audits since early 2023. Stolen assets were routed through Osmosis to Ethereum, swapped for ETH on CoW Protocol, and dispersed across exchanges including KuCoin, ChangeNow, and HitBTC. While Secret Network requested Axelar to freeze an address holding $672,000, the request was denied. Axelar stated its core protocol was not compromised and has disabled relevant connections while coordinating with law enforcement.