A major shock hit cryptocurrency markets when the MAPO token crashed nearly 96% after a vulnerability in the Butter Network cross-chain bridge was exploited. The attacker created an enormous number of unauthorized tokens, flooding the market with supply far beyond legitimate circulation.
The sudden imbalance disrupted trading across Ethereum-linked decentralized finance platforms and triggered widespread panic selling.
Blockchain security researchers found that the flaw allowed the creation of one quadrillion MAPO tokens, vastly exceeding the project’s intended supply. Investors reacted quickly, dumping holdings as confidence collapsed.
Within hours, the token’s value fell from nearly $0.003 to around $0.0001, wiping out significant market value and damaging trust in the ecosystem.
The attack centered on Butter Network bridge infrastructure. Investigators reported that a newly created external wallet was used to move roughly one billion MAPO tokens into decentralized exchanges.
During the exploit, nearly 52 ETH, worth about $180,000 at the time, was drained from Uniswap liquidity pools. Analysts traced the activity back to the bridge vulnerability and the attacker’s newly established account.
Although a large portion of the unauthorized tokens was sold, researchers noted that the attacker still controlled nearly a trillion MAPO tokens.
Those remaining holdings continue to threaten liquidity pools and exchanges supporting the token. The incident once again highlights the security challenges facing cross-chain bridges, which remain attractive targets because of their complexity and large asset reserves.
The exploit adds to a growing list of attacks affecting blockchain and decentralized finance projects.
Security experts have repeatedly warned that systems connecting multiple networks create additional risks. Vulnerabilities within cross-chain infrastructure can remain hidden until specific conditions trigger them, making these platforms particularly difficult to secure.
Following the breach, Map Protocol confirmed that the issue originated within its Solidity-based smart contracts.
The project temporarily paused mainnet operations and began migration efforts while the investigation continued. Butter Network also suspended ButterSwap services as a precaution, though officials stated that user funds were not directly compromised.
The team later announced plans for a new contract deployment and a snapshot of token holdings to support recovery efforts.
Any assets remaining in attacker-controlled wallets will be invalidated and excluded from future migration or conversion processes. Blockchain records showed that nearly one billion MAPO tokens were transferred to Uniswap shortly after the unauthorized minting occurred.
Further analysis revealed that the attacker first submitted a legitimate oracle multisignature message before deploying a malicious smart contract at a carefully selected address.
A manipulated retry message was then resent with the same transaction hash, making it appear authentic. Because the bridge incorrectly validated the altered message, it approved the creation of the massive token supply.
Researchers emphasized that no private keys were stolen and no light-client systems were compromised.
Instead, the breach resulted from a smart contract validation flaw involving dynamic fields in Solidity code.
The incident demonstrat
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article:
Related
