Skip to main content
Sign in

Tapioca DAO

avoid.net/tapioca-dao12/100·100% conf.
[AI-DRAFTED · AWAITING VERIFICATION][src:north-korea][src:usdo][src:layerzero][src:tap-token][src:stablecoin][src:private-key-compromise][src:lazarus-group][src:cross-chain][src:hack][src:arbitrum][src:defi][src:omnichain][src:2024][src:social-engineering][src:vesting-contract][src:bnb-chain][src:defillama][src:counter-exploit][src:lending][src:zachxbt][src:contagious-interview][src:money-market]
anchored·rXLbxG…ncEi

Summary

Tapioca DAO is an omnichain DeFi money market built on LayerZero, offering a CDP stablecoin (USDO) and isolated lending markets (Singularity/Big Bang) across Arbitrum and BNB Chain. On October 18, 2024, the protocol suffered a critical security breach when a team member was targeted by a social engineering attack attributed to North Korea's Contagious Interview campaign, resulting in private key compromise, drainage of TAP token vesting contracts, and the minting of 5 quintillion USDO. Approximately $4.4–4.7 million was stolen before a partial counter-exploit recovered roughly 996 ETH (~$2.7 million), leaving the protocol treasury down approximately 45% and the TAP token price collapsed over 95%.

Connected Entities

1 entities
Organizations
Tapioca DAO
Relationships
    Have evidence about Tapioca DAO?

    Timeline(8 events)

    2024-10-18

    Tapioca DAO exploit begins at approximately 12:00 PM UK time. Attacker, having compromised 0xRektora's private keys via social engineering, triggers Emergency Rescue function on TAP vesting contract and withdraws approximately 28–30 million TAP tokens.

    2024-10-18

    TAP token price collapses 93–97%, from approximately $1.43 to under $0.05, as attacker swaps 30 million TAP for 591 ETH.

    2024-10-18

    Attacker compromises USDO stablecoin contract and mints approximately 5 quintillion USDO. Approximately $2.8 million USDC and $1.58 million ETH drained from USDO/USDC Uniswap pool. Stolen assets bridged from Arbitrum to BNB Chain via Stargate.

    2024-10-18

    Tapioca Foundation, with assistance from SEAL911 and EnigmaDarkLabs/Fuzzland, executes counter-exploit recovering 996 ETH (~$2.7 million) from attacker before it could be laundered.

    2024-10-18

    ZachXBT publicly links the Tapioca DAO attack to a broader pattern of DeFi hacks (Nexera, Concentric, Masa, SpaceCatch, Reach, Serenity Shield, MurAll) attributed to North Korean state-sponsored threat actors using Contagious Interview / fake job scam vectors.

    2024-10-19

    Tapioca DAO offers attacker a $1 million USDT white-hat bounty with a deadline of October 22, 2024, in exchange for returning approximately $3.7 million in stolen funds.

    2024-10-22

    Bounty deadline passes with no response from attacker. Tapioca DAO revokes the $1 million bounty offer.

    2024-10-22

    Tapioca Foundation publishes post-mortem on Mirror identifying attack as social engineering / Contagious Interview method and attributing it to a North Korean group. DAO treasury reported at approximately $4.2–4.8 million, down ~45% from pre-attack.

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chainsrc:north-koreasrc:usdosrc:layerzerosrc:tap-tokensrc:stablecoinsrc:private-key-compromisesrc:lazarus-groupsrc:cross-chainsrc:hacksrc:arbitrumsrc:defisrc:omnichainsrc:2024src:social-engineeringsrc:vesting-contractsrc:bnb-chainsrc:defillamasrc:counter-exploitsrc:lendingsrc:zachxbtsrc:contagious-interviewsrc:money-market

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet

    generated: 5/4/2026, 2:54:28 AM

    last updated: 5/26/2026, 4:11:12 AM

    avoid.net — verified advice for a post-truth world