Tapioca DAO Offers Bounty to Entice Hacker

Reading Time: 2 minutes
  • DeFi platform Tapioca DAO is using a higher bounty to recover $4.7 million
  • Tapioca has offered more than 20% of the hacked funds to the attacker
  • The DeFi platform said that the hacker used a social engineering scheme to infiltrate the protocol

DeFi protocol Tapioca DAO has offered its hacker a bug bounty of $1 million, which is more than 20% of the $4.7 million siphoned from the platform. The protocol said that the hacker used a “social engineering” scheme to compromise several liquidity pools and the network’s “token vesting contract.” Tapioca said that the bounty is meant to entice the hacker into returning most of the funds, something that may become the industry standard instead of the usual bounty amount of 10%.

No Strings Attached

Tapioca sent an on-chain message to the attacker noting that the bounty allows the hacker to keep the funds “that are fully legally” theirs. The protocol added that the bounty doesn’t come with “strings attached.”

The Tapioca Foundation disclosed that they’ve involved “necessary individuals and entities,” an indication it may involve law enforcement agencies in case the hacker decides to keep the entire loot.

Tapioca has warned users against interacting “with any Tapioca contracts.” It has also revealed that it’s conducting a post-mortem of the incident and devising a migration plan for its native token.

The protocol’s TAP token value has plummeted from a high of around $1.45 on October 19 to a low of $0.014 on October 21 according to CoinGecko. The protocol admitted to being hacked on October 18.

Not Every Hacker Wants a Bounty

Tapioca offering a higher bounty than the usual 10% isn’t a guarantee that the hacker will return the funds. In the past, malicious actors like the PlayDapp hacker have refused to take a white hat bounty.

Others like the Mango Markets attacker have ignored a bounty and expressed the need to keep the loot despite being identified and taken to court.

With the hacker yet to transfer the stolen funds to other wallets, it’s likely he’ll take the bounty.

Share