TechFlow reports that on May 14, TAC announced its cross-chain layer on TON was exploited by an external attacker, resulting in approximately $2.8 million in losses involving USDT, BLUM, and tsTON. TAC stated that the TAC token, TON, and all ERC-20 tokens bridged from Ethereum remain unaffected. The bridge has been temporarily suspended while the team conducts forensic analysis and implements fixes. TAC plans to restore bridge liquidity and compensate affected users through a legally structured sale of treasury reserves of TAC tokens held by the foundation.
The TAC team added that if the attacker returns the funds to the designated multi-signature address, the incident will be treated as a white-hat rescue, and no legal action will be taken against the operators of the involved addresses (on ETH/BSC, ZEC, and TON). The attacker would receive a bounty of approximately 10%, amounting to roughly 13 ETH + 300 ZEC.
