Garden Finance hack: $5.5M–$10M stolen, 10% white-hat bounty

Garden Finance hack drained at least $5.5M from its cross-chain bridge on Arbitrum, Solana and other networks, with losses potentially reaching $10M. Attackers, suspected to be DPRK-linked group DangerousPassword, exploited a vulnerability to withdraw WETH, WBTC, cbBTC and SEED tokens and swap them through the MetaMask router. Garden Finance confirmed the exploit on-chain and offered a 10% white-hat bounty for fund recovery and vulnerability disclosure, but the hacker has not responded. On-chain analysis reveals up to 25% of bridge inflows came from past hacks (Swissborg, Bybit), highlighting persistent DeFi bridge risks. The exploit caused the SEED token to plunge 64% on Uniswap, from $0.536 to $0.19 before rebounding to $0.23, cutting its market cap to $2.5M. This event underscores the need for real-time monitoring, compliance and cross-chain bridge security. Traders should watch SEED liquidity, regulatory responses and security upgrades as the market adapts.