The decentralized finance (DeFi) platform, Tapioca DAO, experienced a security incident on October 18, resulting in a dramatic decline of more than 90% in its native TAP token’s value.
Overview of the Incident
According to blockchain cybersecurity firm Cyvers, the breach occurred when the protocol’s deployer address was compromised, leading to unauthorized alterations in the token vesting contract’s ownership structure.
The Exploit
Using this vulnerability, the perpetrator managed to withdraw over 21 million TAP tokens by leveraging an emergency rescue function. Subsequently, these tokens were swapped for approximately 591 ETH, causing a staggering 93% crash in the TAP token price.
On further investigation, it was found that the hacker used Stargate to transfer a portion of the stolen assets to the BNB Chain. At the time of reporting, the compromised wallet contained about $4.7 million in BSC-USD and USDC.
Cyvers estimates the total financial damage from this breach to be around $16.9 million, while another Web3 security auditing firm, Hacken, suggested that losses could be as high as $38 million.
Risks and Response
In the wake of the attack, Hacken has alerted users to potential phishing attempts. Cybercriminals are spreading fraudulent links that promise refunds and urge users to revoke their accounts.
“We’ve noticed fraudulent accounts pretending to be Tapioca_dao posting phishing links in this thread. Please refrain from interacting with any suspicious links or messages purportedly from Tapioca. Stay vigilant and safeguard your assets.”
As of now, Tapioca DAO has not made any public statement regarding the breach.
Potential Connections to North Korea
On-chain investigator ZachXBT proposed that the breach might be tied to malware inadvertently downloaded by a team member. He highlighted that this incident could be part of a larger pattern of attacks on various projects such as Nexera, Concentric, Masa, and others.
Furthermore, ZachXBT suggested that these attacks may be orchestrated through elaborate fake job scams, possibly involving state-sponsored actors from North Korea. Nonetheless, there is currently no definitive proof linking the Tapioca breach to North Korea.
Also Mentioned
This rewritten version maintains the core information of the original article while optimizing the structure with appropriate HTML headings and bullet points for clarity.