Tapioca Foundation Offers $1 Million Bounty Following DeFi Attack
In a groundbreaking move in the decentralized finance (DeFi) space, the Tapioca Foundation has announced a one million dollar bounty aimed at an attacker involved in a recent exploit that led to the theft of a staggering $4.7 million. The foundation detailed this offer in an on-chain message addressed to the attacker’s crypto wallet on October 20, 2023.
A Unique Proposition
This bounty is not your typical compensation; it far exceeds the usual practice of offering a mere 10% of the total stolen amount as an incentive for returning funds. The foundation is willing to allow the attacker to retain the bounty of $1 million, provided that the remaining stolen assets amounting to $3.7 million are returned.
Details of the Attack
The attack occurred on October 18, when the attacker successfully siphoned off 591 Ether (ETH) and approximately $2.8 million worth of USD Coin (USDC). By compromising the ownership of the vesting contract connected to the Tapioca DAO Token (TAP) and the USDO stablecoin, the attacker managed to claim and liquidate vested TAP and also seized control of an infinite amount of USDO, consequently draining a crucial liquidity pool.
Insight from Founders
Matt Marino, the co-founder of Tapioca, unveiled on October 19 that the breach was enabled due to phishing, primarily targeting his fellow co-founder, 'Rektora.' During an interview process, Rektora inadvertently downloaded malicious software that substituted a legitimate transaction with a harmful one, thus providing the attackers with unauthorized access to the contractual systems.
Countermeasures and Recovery
In a twist of events, the Tapioca Foundation reported a remarkable comeback after managing to 'hack the hacker.' They successfully retrieved 1,000 ETH, valued at over $2.7 million at the time, which acted as collateral supporting the USDO stablecoin within the liquidity pool.
Conclusion
This incident underscores the vulnerability of the DeFi space to social engineering attacks and highlights the ongoing battle between project teams and malicious actors. While the foundation’s effort to recover their assets through a generous bounty may seem unconventional, it reflects an innovative approach in tackling the ever-evolving threats within cryptocurrency ecosystems.
Key Takeaways:
- Tapioca Foundation has proposed a $1 million bounty to recover stolen funds.
- The attack resulted in the theft of $4.7 million, including 591 ETH.
- The breach was due to phishing targeting one of its co-founders.
- Tapioca has recovered a portion of the stolen assets.
Leave a comment
All comments are moderated before being published.
This site is protected by hCaptcha and the hCaptcha Privacy Policy and Terms of Service apply.