Key Takeaways:
- Tapioca DAO suffered a $4.7M hack via a social engineering attack, exploiting vesting contracts for TAP and USDO.
- In response, Tapioca DAO is offering a $1M bounty in USDT to the attacker, larger than typical 10% bounties, to recover the remaining $3.7M.
- Despite the breach, Tapioca recovered 1,000 ETH (~$2.7M), though the hacker still holds $1.5M in ETH after swapping 30M TAP tokens.
Tapioca DAO, a DeFi protocol, recently experienced a $4.7 million hack, primarily through social engineering.
The attack exploited Tapioca’s vesting contract, allowing the hacker to steal 591 Ether (ETH) and $2.8 million in USD Coin (USDC).
Tapioca’s co-founder, “Rektora,” was reportedly phished during an interview, enabling the attacker to access critical contracts.
In response, Tapioca has offered a $1 million bounty, paid in Tether (USDT), to the hacker for returning the remaining $3.7 million.
This bounty is significantly larger than the usual 10% in similar cases.
Despite the hack, Tapioca managed to recover 1,000 ETH ($2.7 million) by hacking the hacker.
However, the hacker still holds 30 million TAP tokens, converted to $1.5 million in ETH and transferred to the BNB Chain.
The hack caused TAP’s value to collapse from $1.40 to $0.02.