TesseraDAO’s TSR token plunged after early on-chain tracking tied a BNB Chain exploit to a massive unauthorized mint, a rapid market dump and Tornado Cash deposits.
The attacker allegedly minted 99 million TSR tokens, sold them into available liquidity and extracted about $2.4 million before the token price collapsed by roughly 99%. The theft address identified in the tracking was 0x2201037A1755eC48eC5f00Fea21A10A9E56f2Dd8.
The incident appears to be a token-supply attack rather than a broad BNB Chain failure. That distinction is important for users watching BNB Chain security because the chain itself continued operating normally, while the damage centered on TSR’s contract and market structure. In these cases, the liquidity pool becomes the exit route, but the deeper weakness often sits in mint permissions, token controls, ownership paths or contract logic.
The crash left TSR holders exposed to the most damaging type of token exploit: new supply entering the market without normal economic backing. Once the attacker could mint a large balance, the trade became simple. Sell into liquidity, drain paired assets and move the proceeds before the market can reprice the token.
Tornado Cash Routing Raises Recovery Pressure
The attacker has already moved funds into Tornado Cash, shrinking the clean recovery window for investigators, exchanges and any affected market participants. Mixer deposits do not make funds impossible to trace, but they break straightforward wallet-to-wallet visibility and can slow exchange-level freezes if proceeds are split into smaller routes.
The timing also lands during a heavier run of DeFi laundering activity. The same tracking update flagged fresh Tornado Cash deposits from wallets linked to the UXLINK exploiter, with approximately $7.1 million deposited so far. That keeps the older UXLINK exploit in focus after earlier movements showed the attacker converting large ETH and WBTC balances into DAI as stolen funds continued to move.
TesseraDAO’s incident is smaller than UXLINK, but the pattern is familiar. Attackers are increasingly moving quickly from exploit execution to market dumping and privacy routing. The first few hours can decide whether funds remain traceable enough for exchanges, bridges, stablecoin issuers or investigators to intervene.
BNB Chain Incidents Keep Testing Token Controls
The TSR exploit adds another BNB Chain case to an already busy security stretch. A recent AROS attack on BNB Chainshowed how smaller token-level incidents can still damage user confidence when liquidity, routing and contract mechanics are unclear. Fluid’s recent rewards-system drain showed a different control-path failure, where compromised operational roles allowed a reward distribution process to be abused.
TSR now points to the supply side of the same security problem. Token holders do not only face bridge risk, oracle risk or liquidity risk. They also face permission risk if a contract allows new tokens to be minted, unlocked or moved through privileged paths without enough safeguards.
For projects, the immediate checklist is narrow: identify the mint path, disable any vulnerable control function, publish the affected contract and transaction trail, confirm whether ownership or admin keys were compromised, and state whether remaining liquidity or user-held TSR balances are still exposed. For exchanges and liquidity providers, the key question is whether the attacker has finished selling or still controls additional supply.
The sharper market lesson is that token security is market structure security. If supply controls fail, the price chart becomes the exploit surface. TSR’s 99% collapse shows how quickly a contract-level weakness can turn into a full market wipeout when unauthorized supply meets thin liquidity and fast laundering routes.
Be the first to comment