The Tapioca Foundation has extended a $1 million bounty offer to the hacker responsible for a devastating $4.7 million theft from its decentralized finance (DeFi) protocol. The foundation issued an on-chain message on October 20, addressing the attacker directly and proposing a settlement with an incentive.
Tapiocaâs bounty, offered in Tether (USDT), is far more generous than the typical 10% rate seen in similar situations, aiming to entice the hacker into returning the remaining $3.7 million.
The breach occurred on October 18 when the foundation revealed it had suffered a âsocial engineering attack,â resulting in the loss of 591 Ether (ETH) and $2.8 million in USD Coin (USDC). The attacker exploited the vesting contract for Tapioca DAO Token (TAP) and its USDO stablecoin, seizing control of the assets and draining liquidity pools in the process.
Hack Recovery Efforts
The Tapioca Foundation believes the attack was initiated through a phishing scheme targeting one of its co-founders. According to Matt Marino, co-founder of Tapioca, a fellow co-founder known as âRektoraâ downloaded malicious software during an interview process. This software allowed the attacker to replace a legitimate transaction with a malicious one, ultimately granting access to sensitive contracts.
The attacker withdrew approximately 30 million TAP tokens from the vesting contract, swapped them for $1.5 million worth of ETH, and converted that into USDT. The funds were then sent to the BNB Chain, where they remain, as shown by transactions in the attackerâs wallet.
Tapioca Recovers $2.7M from Attackerâs Collateral
The Tapioca team managed to âhack the hacker.â On October 19, Marino shared on the projectâs Discord that they had recovered 1,000 ETH, worth over $2.7 million, from the collateral backing the USDO stablecoin.
While this recovery represents a partial victory for Tapioca, the TAP tokenâs value has plunged since the attack. Once trading at $1.40, the token has now crashed to just 2 cents.
The foundationâs unusual bounty offer remains open, though the attackerâs intentions and next steps are still unclear. Tapiocaâs move is yet another reminder of the risks associated with DeFi protocols, even as teams scramble to mitigate such threats.
The post Tapioca Foundation Offers $1M Bounty After $4.7M DeFi Hack appeared first on TheCoinrise.com.