- The MAPO token price plummeted 96% when a Butter Network cross-chain bridge hack enabled an attacker to create a quadrillion MAPO tokens, significantly beyond the legitimate quantity.
- Exchanges and liquidity providers are at risk because the hacker allegedly dumped 1 billion MAPO tokens, removing about 52 ETH ($180,000) from Uniswap liquidity pools while keeping trillions of tokens.
- After discovering a Solidity contract vulnerability, Map Protocol halted its mainnet and began migrating, while Butter Network suspended ButterSwap but claimed user funds were still secure.
How Did a Hacker Mint a Quadrillion MAPO Tokens and Crash the Price 96%? The Map Protocol’s native token, MAPO, dropped 96% on Wednesday as a result of an attacker minting a quadrillion MAPO tokens through an exploit of the Butter Network cross-chain bridge.
According to CoinGecko, the value of MAPO dropped from about $0.003 to $0.0001 in a couple of hours since the fraudulent mint was tens of thousands of times larger than the legal quantity of tokens.
According to Blockaid on Wednesday, the attacker used a new externally-owned account (EOA) to dump about a billion MAPO tokens, draining approximately 52 ETH, or $180,000, from Uniswap liquidity pools while keeping nearly a trillion tokens that continue to pose a threat to other pools and possible exchange listings.
How A Solidity Bug Triggered The Massive MAPO Token Crash?
At least eighteen DeFi and blockchain protocols, including THORChain, Verus Protocol’s Ethereum bridge, Transit Finance, TrustedVolumes, Ekubo, Echo Protocol, and RetoSwap, have been compromised in the last month.
According to the Map Protocol, the bug was in the Solidity contract layer. While the investigation is ongoing, the mainnet has been halted, and migration has started. ButterSwap has been put on hold, according to the Butter Network, which also stated that customer funds are not in danger.
The Map Protocol project stated in its most recent article that it would choose a suitable time to do an asset snapshot and announce a new contract address. According to the statement, “any remaining tokens held by attacker-controlled addresses will be fully invalidated and will not be included in any future snapshot or conversion process.”
How Did The MAPO Hacker Mint A Quadrillion Tokens?
Before launching a malicious contract at a particular address, the MAPO attacker initially transmitted a genuine Oracle multisig-signed message.
After that, the attacker resent a modified “retry” message that was phony but looked exactly the same in the hash. The enormous token mint was carried out when the cross-chain bridge confirmed its validity.
According to Blockaid, it was a conventional Solidity vulnerability involving several dynamic fields; neither private keys nor light clients were compromised.
Map Protocol is an omnichain network that links the Bitcoin mainnet to ecosystems like Ethereum, BNB Chain, Tron, and Solana. It facilitates the exchange of Bitcoin, stablecoins, and tokenized assets between blockchains.
TON-TAC Post-mortem Explains $2.68M Unauthorized Token Mint
A post-mortem describing the $2.68 million exploit that took place on May 11 was released on Thursday by the TON-TAC asset bridge, a cross-chain bridge intended as a network extension for The Open Network.
The Verus-Ethereum Bridge, Echo Bridge, and Butter Network’s cross-chain bridge are just a few of the cross-chain bridge exploits that have surged in recent weeks.
The “security incident” resulted from the sequencer software’s lack of validation, which allowed another unauthorized token mint by accepting a fake wallet on TONNE that lacked the necessary code-hash and minter checks.
About 80% of the impacted assets were recovered, but the bridge is now on hold in order to restore liquidity and conduct an independent audit of the patched sequencer, it continued.
Stay informed with the latest trends in Web3, blockchain innovation, and cybersecurity updates at 3verseTV
You need to login in order to Like
Leave a comment