On May 12, 2026, the TAC bridge, designed to move assets between the Ethereum blockchain and the Telegram-linked TON chain, suffered an exploit resulting in the theft of $2.8 million. The project team quickly paused operations on the bridge following the attack.
Cross-chain bridges allow users to transfer digital assets between otherwise incompatible blockchain networks. The TAC bridge specifically enabled liquidity to flow from the established Ethereum ecosystem into the newer TON chain, which is gaining traction due to its association with the Telegram messaging app. These bridges typically operate by locking assets on one chain and minting equivalent "wrapped" tokens on the destination chain.
The exact technical vector of the TAC exploit remains under investigation. However, such breaches often stem from vulnerabilities in smart contracts, compromised private keys managing the bridge's reserves, or flaws in the oracle systems that relay information between chains. Attackers target these critical points of control and liquidity.
The TAC team announced intentions to "restore bridge liquidity through a legally structured sale of Foundation's TAC token treasury reserves." This strategy suggests the project aims to use its own holdings of TAC tokens to either repurchase the stolen assets or directly compensate affected users. This approach is complex and requires careful execution to avoid market destabilization for the TAC token itself.
Users who had funds in transit across the bridge or held assets locked within its smart contracts at the time of the attack are the primary victims. Their assets are now part of the $2.8 million stolen sum, and their recovery depends on the project's success in implementing its restoration plan.
This incident adds to a troubling pattern of high-value exploits targeting cross-chain bridges across the cryptocurrency landscape. Billions of dollars have been siphoned from similar protocols in recent years. The Ronin Bridge, which supported the play-to-earn game Axie Infinity, lost over $600 million in March 2022. The Wormhole Bridge suffered a $325 million exploit a month prior, and the Harmony Horizon Bridge was drained of $100 million in June 2022. These attacks underscore the significant security challenges inherent in moving assets between disparate blockchain ecosystems.
Bridges are often prime targets because they concentrate substantial liquidity and present complex attack surfaces. Their reliance on smart contracts and multi-signature schemes can introduce vulnerabilities if not rigorously audited and continuously monitored. The recurring nature of these exploits has spurred industry-wide efforts to develop more resilient bridge architectures, including fully decentralized designs and enhanced formal verification of smart contract code.
Financial regulators globally have started to pay closer attention to the security and operational risks associated with digital asset bridges. While no specific regulatory action has been announced regarding the TAC incident, general discussions among bodies like the U.S. Securities and Exchange Commission (SEC) and the Financial Crimes Enforcement Network (FinCEN) increasingly address the need for greater transparency and consumer protection in cross-chain operations.
Recovering stolen digital assets after such exploits remains a formidable challenge for victims and law enforcement alike. Attackers frequently employ sophisticated techniques to obscure transaction trails, moving funds rapidly through mixers, decentralized exchanges, and multiple blockchain networks. This complicates tracing and seizure efforts.
The TAC team's investigation into the May 12 exploit remains active, with further updates on their recovery plan and efforts to identify the attackers expected as the situation develops.