He exploited a vulnerability in the Hyperbridge inter-network gateway, which connects various blockchains. The vulnerability targeted the bridge contract, not the main Polkadot network. The native Polkadot token, DOT, was not affected. The vulnerability involved the EthereumHost contract in Hyperbridge checking inbound inter-network messages before passing them to the TokenGateway. Despite issuing 1 billion DOT, the malefactor earned only 108.2 ETH ($253,000). The criminal issued 47.6% of the token supply. However, due to low liquidity, they sold them significantly below the market value of $1.2 billion.