TAC Recovers Majority of Funds After $2.85M TON Bridge Exploit, Users Made Whole

BitcoinWorld

TAC Recovers Majority of Funds After $2.85M TON Bridge Exploit, Users Made Whole

Blockchain project TAC has successfully recovered the majority of funds stolen in a $2.85 million exploit targeting its TON bridge on May 11, according to a detailed post-mortem report released by the team. The incident, which involved a sophisticated attack on the bridge’s verification system, initially resulted in the loss of locked assets on the TON side and the unauthorized issuance of uncollateralized assets on the TAC platform.

How the Exploit Worked

The post-mortem reveals that the attacker bypassed the bridge’s code hash verification by deploying a counterfeit contract designed to mimic a legitimate jetton wallet. This fraudulent contract tricked the bridge into processing fake inputs as valid USDT deposits. As a result, the bridge issued uncollateralized assets on the TAC side while draining the corresponding locked assets from the TON network.

The stolen funds were quickly laundered across multiple blockchain networks using the LayerZero interoperability protocol, a common tactic employed by attackers to obscure the trail and complicate recovery efforts. Security firm Hypernative detected the breach immediately, but initial recovery attempts were unsuccessful.

Recovery and User Compensation

Despite the early setback, TAC stated that it has recovered most of the stolen funds through direct negotiations with involved parties. To ensure no user bears a loss, the project will use its foundation treasury to cover any remaining shortfall, guaranteeing that all affected users are fully compensated.

The team emphasized that the bridge’s sequencer, which was paused following the exploit, will be gradually reactivated only after undergoing external audits and peer reviews to prevent a recurrence.

Why This Matters for DeFi Security

This incident highlights a persistent vulnerability in cross-chain bridge infrastructure: the reliance on code hash verification as a security gate. Attackers are increasingly finding ways to deploy look-alike contracts that pass superficial checks, exploiting trust assumptions in the verification process. For users, the outcome here is relatively positive, but it underscores the importance of using bridges that have undergone rigorous, independent security audits and maintain robust monitoring systems.

The speed with which funds were moved across networks via LayerZero also demonstrates the growing sophistication of crypto laundering techniques, placing additional pressure on security firms and blockchain analytics platforms to improve real-time detection capabilities.

Conclusion

TAC’s swift recovery of most funds and its commitment to full user compensation represent a best-case scenario following a serious security breach. However, the attack serves as a reminder that cross-chain bridges remain high-value targets. The project’s decision to subject its patched sequencer to external audits before full reactivation is a prudent step toward rebuilding user trust and strengthening long-term security posture.

FAQs

Q1: How much was stolen in the TAC bridge exploit?
The attacker drained approximately $2.85 million in locked assets from the TON side of the bridge.

Q2: Will TAC users lose money from this hack?
No. TAC has recovered most of the funds and will use foundation reserves to cover any remaining losses, ensuring all users are fully compensated.

Q3: What security flaw did the attacker exploit?
The attacker bypassed the bridge’s code hash verification by deploying a counterfeit contract that mimicked a legitimate jetton wallet, tricking the bridge into processing fake USDT deposits.

This post TAC Recovers Majority of Funds After $2.85M TON Bridge Exploit, Users Made Whole first appeared on BitcoinWorld.