Ethereum layer-2 network Taiko halted block production and urged bridge withdrawals after a $1.7 million exploit tied to a chain state verification flaw.
Crypto Hack News
Taiko, an Ethereum (ETH) layer-2 Bridge network, told users to withdraw their funds from every bridge on its chain on June 22, 2026, after confirming a security breach.
Source:
Blockchain tracker Lookonchain estimates the attacker took about $1.7 million in assets before the project could respond.
Source:
Taiko said it had confirmed a compromise of its chain state verification mechanism, which meant the security assumptions behind every bridge on the network could no longer be trusted.
In the post, Taiko said it was coordinating with its Security Council and ecosystem partners to contain the incident, pause affected systems, and pursue technical and legal action. The team added that users should withdraw their funds from all Taiko-deployed bridges immediately.
How The Exploit Happened
Security firm Blockaid the breach to a flaw in Taiko's source-signal proof validation. Crafted message proofs were accepted as valid on Ethereum without matching legitimate events on the Taiko source chain, which let the attacker register and retrieve fraudulent bridge messages and trigger unauthorized releases from the ERC20 vault.
Blockaid first put the losses at around one million dollars. PeckShield that estimate to roughly $1.7 million across the full incident. PeckShield also tracked the attacker moving nearly two million TAIKO tokens to the MEXC exchange.
Related Article: What Are Blockchain Bridges?
Industry Bridge Hacks Continue
South Korean exchanges Upbit and Bithumb temporarily stopped TAIKO deposits and withdrawals as a precaution, while KuCoin issued a notice that it temporarily suspended Taiko deposits on the Ethereum network.
The exploit adds to a string of 2026 bridge breaches. It comes only days after the Aztec Private Rollup Bridge was hit by a separate $2.2 million exploit, and earlier losses this year include Gravity Bridge at $5.4 million, Alephium TokenBridge at $815,000, and Hyperbridge at $2.5 million. KelpDAO's $292 million LayerZero-based bridge exploit in April stands as the largest single bridge exploit of 2026. Taiko has not yet released a full postmortem of the incident.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of Vortex, and Vortex is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. Vortex is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by Vortex of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of Vortex.
