An attacker minted ~5 billion unauthorized SYS tokens by exploiting a parsing error in Syscoin bridge proof validation; all unauthorized SYS were returned and burned.
On June 7, 2026, the Syscoin Bridge was exploited through a parsing error in its proof validation logic. The attacker minted approximately 5 billion unauthorized SYS tokens, resulting in approximately $10M in exposure. All unauthorized SYS tokens were subsequently returned and burned, achieving a full recovery.
No laundering activity observed. All unauthorized SYS tokens returned and burned.
N/A