On October 18, the Tapioca DAO experienced a security vulnerability that led to the seizure of approximately $4.5 million in cryptocurrencies.
The native token TAP experienced a decline in value to less than 10% of its original value as a result of the Tapioca DAO attack. The protocol deployer address compromise was the source of the intrusion, as per Cyvers, a blockchain security firm.
The perpetrator was able to sell 30 million vested TAP tokens after he altered the ownership of the vesting contract after gaining access. Previously, the value of those tokens was approximately $1.40 per unit; however, they are currently worth less than $0.04. In addition to this, the perpetrator proceeded to target the USDO stablecoin contract in order to increase the financial loss.
In total, the perpetrator has transferred approximately $4,405,600, which includes $2.8 million in USDC and $1,575,606 from the USDO/USDC liquidity pool. The proceeds of the Tapioca DAO attack that were stolen were initially converted to ETH and subsequently to USDT. They were then transferred from Arbitrum to BNB Chain, where they are currently located.
The Tapioca DAO team has promptly implemented measures to recoup the previously lost funds. To date, they have successfully transferred 1,000 ETH from a vault to a multisig wallet. This was a critical component of the collateral for its Big Bang Origins and was a necessary measure to prevent additional losses.
The Tapioca DAO attack may have been the consequence of the project team inadvertently engaging with a fraudulent link, which exposed their private keys, according to preliminary investigations. It is intriguing that on-chain detective ZachXBT identified North Korean hackers as the culprits responsible for the infiltration of cryptocurrency projects, given their proclivity for employing such methods.
Nevertheless, Tapioca DAO has collaborated with security companies such as Web3 to trace the flow of misappropriated funds and recover its assets. Conjecturally, the reissuing of a new TAP token was a consideration in order to alleviate the consequences of this breach.
Over the past few months, numerous other DeFi protocols have fallen victim to comparable fraud assaults, such as Radiant Finance, which experienced a distinct intrusion that resulted in the loss of over $50 million.
Also Read: Craig Wright’s new $1 billion lawsuit says that Bitcoin developers “lied to the public”
