A cross-chain bridge lost about $11 million on Monday, May 18, 2026, when an attacker drained the Verus-Ethereum bridge of three different tokens and converted the haul to ether. Security firm PeckShield flagged the exploit. The amounts taken were 103.6 tBTC, Threshold Network's tokenized bitcoin, 1,625 ETH, and 147,000 USDC. The attacker swapped that mix for 5,402.4 ETH, worth more than $11 million, and sent the proceeds to a single wallet.

If the pattern feels familiar, it should. Bridges are the part of crypto that gets hacked again and again, and this is one more entry on that list.

What happened

The drained assets came off the bridge that links Verus to Ethereum. Per PeckShield, the attacker collected 103.6 tBTC, 1,625 ETH, and 147,000 USDC, then consolidated everything into 5,402.4 ETH. On-chain, the funds landed in a wallet at address 0x65Cb8b128Bf6e690761044CCECA422bb239C25F9.

Those are the confirmed numbers. The dollar figure is the swapped-into-ETH value as of the day of the attack, so treat it as a snapshot, not a fixed total; the price of 5,402.4 ETH moves with the market.

Why bridges keep getting hit

A bridge moves value between two blockchains that cannot talk to each other directly. Bitcoin does not natively run on Ethereum, and Ethereum does not run on other chains, so a bridge holds your asset on one side and issues a matching token on the other. To do that, it has to hold deposits. That pooled balance is the problem.

Three things make bridges a standing target. They sit on large pools of locked funds, so a single break pays out in millions rather than the contents of one person's wallet. They are complex software connecting two systems, and complexity is where bugs hide. And they have been hit so often that attackers treat them as a known category to probe. Year after year, cross-chain infrastructure accounts for some of the largest thefts in crypto. The Verus-Ethereum loss is small next to the biggest bridge hacks on record, but it lands in the same place for the same structural reason: that's where the money sits.

What it means for a normal holder

A bridge is a place your money passes through, not a place it should live. The risk is not that bridging is always reckless; people move assets across chains for good reasons every day. The risk is concentration and time. The more value you hold in a bridge and the longer it sits there, the more you are exposed to a failure you do not control and cannot audit yourself.

A few habits cut that exposure. Bridge what you need, when you need it, rather than parking a large balance mid-transfer. Move funds back into your own custody once they are across, so the bridge is a step and not a home. And read what you sign. A self-custody wallet such as MetaMask shows you the transaction it is about to approve, including the contract and the amount; that prompt is your last check before the funds leave. None of this makes bridging risk-free. It keeps the size of any single failure smaller.

This sits inside a wider point about crypto safety: the threats that cost people the most are usually structural, not flashy. A bridge is plumbing. When plumbing breaks, the water goes where it wants. The defensible move is to keep less of your value standing in the pipe.

The attacker's wallet is now public, which means the swapped ETH can be watched on-chain. What happens to those funds next is the part worth tracking.