Map Protocol's MAPO Token Crashes 96% Following Massive Minting Exploit

In a shocking turn of events, the value of Map Protocol's native token, MAPO, plummeted by an astounding 96% following a catastrophic exploit that saw a quadrillion tokens minted. This exploit has reignited concerns over security vulnerabilities within decentralized finance platforms.

The incident unfolded on May 21, 2026, when an attacker successfully deceived the Butter Network's cross-chain bridge, creating a minting flood that dwarfed the legitimate supply of MAPO. This manipulation sent the token's value tumbling from approximately $0.003 to a mere $0.0001 in a matter of hours, as reported by CoinGecko.

The attacker, utilizing a newly created externally-owned account (EOA), offloaded around one billion MAPO tokens and extracted about 52 ETH, valued at approximately $180,000, from Uniswap liquidity pools. This left a staggering nearly trillion tokens still in possession of the attacker, posing ongoing risks to other liquidity pools and potential exchange listings, according to a Blockaid report.

Widespread Vulnerabilities in the DeFi Sector

This unsettling incident is part of a troubling trend, with at least 18 DeFi and blockchain protocols suffering breaches in the same month, including notable platforms like THORChain and Transit Finance. In response, Map Protocol acknowledged a critical vulnerability in its Solidity contract layer, subsequently pausing its mainnet operations while launching an investigation. The Butter Network also announced a temporary halt to ButterSwap, adding that user funds remained secure.

In their latest communication, Map Protocol stated intentions to issue a new contract address and conduct an asset snapshot, assuring stakeholders that any remaining tokens controlled by the exploiters would be rendered invalid for future transactions. This aligns with their commitment to restoring trust within the community.

Technical Insights Behind the Attack

Blockaid provided further insights into the exploit mechanism, detailing how the attacker initially sent a legitimate oracle multisig-signed message before deploying a malicious contract. Following this, a tampered “retry” message resembling its original hash was deceitfully resubmitted, fooling the cross-chain bridge into executing the minting of an astronomical amount of tokens. Importantly, the attack did not involve the theft of private keys or break any light clients; rather, it exploited a typical Solidity vulnerability related to dynamic fields.

The security breach reflects larger repercussions across the DeFi landscape, as platforms like TON-TAC also faced similar issues, highlighting systemic security flaws in cross-chain bridges. Their recent post-mortem report revealed a significant $2.68 million exploit, further emphasizing the urgency for enhanced security measures across decentralized protocols.

Map Protocol's Response and Future Actions

As part of their recovery plan, Map Protocol is expected to announce new safety measures and adjustments to help safeguard the integrity of its ecosystem. The ongoing situation is being closely monitored by crypto experts and investors alike, as the repercussions of such exploits extend beyond individual tokens, affecting the broader market sentiment and confidence in decentralized finance systems.

As the situation develops, stakeholders are urged to remain vigilant and informed about further updates from Map Protocol and related entities within the DeFi space.

Source: Cointelegraph

Source: CoinTelegraph DeFi