Blue Star Capital (LSE:BLU) has updated investors on a cybersecurity breach that has impacted its investee SatoshiPay.
The London-listed firm said the exploit of Hyperbridge, a 'cross-chain' protocol supported by the Polkadot blockchain, allowed an attacker to mint approximately 1 billion bridged DOT tokens, which were swapped for Ethereum (ETH) through SatoshiPay's ETH/DOT liquidity pools on Uniswap across Ethereum and Arbitrum. Hyperbridge estimates the total loss at approximately US$2.5 million, while SatoshiPay's aggregate exposure is approximately US$250,000.
SatoshiPay has filed a report with Action Fraud, submitted a formal claim to Hyperbridge's developers and removed remaining liquidity from the affected pools, and Hyperbridge has outlined recovery steps involving law enforcement and Binance compliance teams and a potential allocation of BRIDGE tokens to cover any residual loss.
Blue Star, the London-listed blockchain investing company, said the incident stemmed from a third-party protocol vulnerability and did not result from any failure or breach of SatoshiPay's own systems, with SatoshiPay confirming its Pendulum and Vortex networks operated as designed and user funds in those environments remain secure.
SatoshiPay, meanwhile, also confirmed its Pendulum FX decentralised exchange deployed on Base has been integrated by aggregators including 0x and KyberSwap, and the FX DEX will form a core component of Vortex to improve liquidity and shorten end-to-end transaction times for certain corridors to approximately 60 seconds. It has completed negotiations with AlfredPay and has begun live testing in a restricted production environment to support North American Vortex operations with Mexico and Colombia targeted shortly thereafter.