Hackers Drain $6 Million From DeFi Platform in Major Cross-Chain Heist
Another decentralized finance protocol has fallen victim to an elaborate cross-chain heist - this time, Garden Finance, which lost an estimated $6 million in digital assets after hackers executed a coordinated exploit that spread across several blockchains.
The attackers struck without warning, siphoning funds from multiple pools in a series of rapid-fire transactions before investigators could react. Within minutes, tokens including WBTC, USDC, and USDT were drained and converted into Ethereum (ETH), then funneled through different networks using bridging protocols.
Security analysts from Cyvers Alerts, the blockchain forensics firm tracking the incident, say the constant movement of funds has made tracing the assets “extremely complex,” as the hacker uses cross-chain swaps to hide their trail.
So @gardenfi got hacked for at least $11M+ likely (TBC) by a DPRK-affiliated group known as DangerousPassword.
Somewhat ironically, of the $5.3M which appears stolen on Solana (account: WZy4xxpqktWa1b6MPMRiWsD487CT8mDcapB6GufBJCH), over 50% is sourced from the @swissborg hack…
— tanuki42 (@tanuki42_) October 30, 2025
Many of the stolen coins were “freezable” stablecoins at first – meaning they could have been frozen by issuers like Circle or Tether – but the attacker preemptively converted them into Ethereum to avoid that risk.
The Aftermath: A Plea for Dialogue
In a bid to recover some of the stolen funds, the Garden Finance team published a direct on-chain message addressed to the attacker, asking for cooperation rather than confrontation.
The message offered a 10% bounty for the safe return of the remaining assets and for information about the exploited vulnerability. “We aim to resolve this incident peacefully,” the message stated, urging the hacker to reach out through Discord or Telegram.
The tone echoed a now-common tactic in DeFi: treating exploiters as reluctant security researchers who might accept a negotiated reward instead of laundering the entire haul.
A Familiar Story With New Complexity
Cross-chain attacks like this have become the new frontier in DeFi crime, where vulnerabilities in bridges and liquidity routing allow hackers to drain protocols operating across several blockchains at once.
Unlike single-network hacks, these multi-chain exploits are notoriously difficult to investigate – every bridge adds another layer of obfuscation, every swap another delay for forensic tracking.
Experts at Cyvers note that the incident resembles a growing category of multi-protocol breaches where attackers strike several chains simultaneously to overwhelm monitoring systems.
The Wider Implications
The Garden Finance exploit underscores how fragile decentralized ecosystems remain, even after years of auditing and security upgrades. As DeFi protocols race to add interoperability and faster cross-chain liquidity, the same mechanisms that make these systems attractive to investors also widen their attack surface.
While it’s unclear whether the hacker will respond to the bounty, Garden Finance’s outreach reflects a pragmatic approach – in many past cases, such offers have succeeded where law enforcement could not.
For now, the stolen funds continue to move between chains, the trail growing colder with each transaction.
The DeFi world has seen plenty of breaches this year, but few have captured the escalating danger of cross-chain interdependence as vividly as this one.
Garden Finance now joins a long list of projects learning the hard way that in decentralized finance, the more networks you connect, the more doors you leave open.
The information provided in this article is for educational purposes only and does not constitute financial, investment, or trading advice. Coindoo.com does not endorse or recommend any specific investment strategy or cryptocurrency. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.
Alex is Editor-in-Chief of Coindoo and co-founder of Millennial Media Group, with nearly a decade of experience covering financial markets - crypto first, then everything else. It started in 2016 with Bitcoin. Like most people at the time, he didn't fully understand it - so he kept digging. Blockchain, tokenomics, the projects, the cycles. That curiosity never stopped, and eventually pulled him into traditional markets too: equities, commodities, macro. Not because he left crypto behind, but because you can't properly understand one without the other. What drives him is straightforward: he wants to know why something is happening, not just that it's happening. Most market coverage stops at the headline - price up, price down, here's a chart. Alex finds that kind of reporting actively unhelpful. If you walk away from an article without understanding the mechanism behind the move, what did you actually learn? He holds a degree in Tourism from New Bulgarian University - not the most obvious path into financial markets, but markets have a way of pulling in people who are simply too curious to stay out. He has authored over 200 in-depth analyses and more than 10,000 articles across crypto and traditional finance. He still thinks every day in markets teaches him something new. That's probably why he hasn't stopped.
