Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
MAP Protocol's Butter Bridge Was Exploited to Mint 1 Quadrillion MAPO Tokens in a Single Attack
-
MAP Protocol's Butter Bridge V3.1 suffered a severe exploit on May 20, with an attacker minting 1,000,000,000,000,000 MAPO tokens, approximately 4.8 million times the legitimate circulating supply of around 208 million tokens. Security firm PeckShield identified the vulnerability in the bridge's OmniServiceProxy contract, which allowed the attacker to trigger an unauthorized mint through a spoofed cross-chain message on the Butter Bridge, directing 1 quadrillion MAPO from the zero address directly to an attacker-controlled wallet. The exploit was not a brute-force attack on cryptography but a message validation failure that allowed the attacker to impersonate a legitimate cross-chain instruction and have it executed by the contract as though it were genuine.The attacker moved quickly, swapping portions of the fabricated supply to extract approximately 52.2 ETH worth around $110,000 and pulling over $180,000 in liquidity from Uniswap pools before the price collapsed under the weight of the artificial supply flood. Most of the inflated tokens remain in the attacker's wallet at the time of writing, suggesting the exploiter extracted what the market could absorb before liquidity dried up entirely.
MAP Protocol positions itself as a secure infrastructure layer for Bitcoin, stablecoins, and tokenized assets using light clients and MPC-based verification, making the bridge validation failure particularly damaging from a credibility standpoint. The project team had not yet issued a formal statement on mitigation steps including contract pauses, token blacklisting, or supply adjustments at the time of publication, and users are advised to avoid interacting with MAPO pools or the affected bridges until official guidance is provided.
-
Bro printed a quadrillion tokens and only made $290K, truly the worst counterfeiter in history
