Hacker Drains $2.4 Million From TesseraDAO Through Unauthorized TSR Minting

Key Takeaways

TesseraDAO suffered a major security breach after a hacker reportedly gained access to an admin key on BNB Chain.

The attacker minted approximately 99 million TSR tokens and immediately sold them on the open market.

TSR’s price collapsed by nearly 100% within hours, falling to around $0.0002.

A hacker has stolen approximately $2.4 million from TesseraDAO after breaking into the project’s core controls on the BNB Chain, dealing a likely fatal blow to the protocol and sending its native token into near-total collapse.

🚨 Huge crash for $TSR/USDT.

A hacker reportedly exploited the project and minted 99 million $TSR tokens on BNB Chain.

They immediately sold all the tokens, causing massive selling pressure.

As a result, the price of $TSR collapsed by nearly 100% in just one day, falling to… pic.twitter.com/YaqIbu4CT5
— Master of Crypto (@MasterCryptoHq) June 2, 2026

Blockchain security trackers caught the attack early, showing that the hacker used a stolen admin key to create roughly 99 million TSR tokens from nothing, then immediately sold them all off. The sudden wave of new tokens crashed the price within hours, wiping out most of the token’s value and leaving investors with heavy losses.

The breach is the latest in a growing series of admin key attacks hitting DeFi projects on BNB Chain, putting a spotlight on the risks of having a single point of control in platforms that claim to be decentralized. For TesseraDAO, the damage was swift: traders rushed to sell as the project fell apart in real time, with little hope of recovery.

99 Million TSR Tokens Flood the Market

With admin access secured, the attacker moved fast. Using the stolen key, they bypassed TesseraDAO’s token controls and created 99 million TSR tokens out of nothing, instantly flooding the supply and destroying confidence in the token’s value.

The sell-off was immediate and brutal. The hacker dumped the freshly minted tokens into liquidity pools and trading markets, unleashing a wave of sell orders that buyers could not keep up with. TSR’s price crashed almost instantly.

For crypto security watchers, the sequence was painfully familiar: a stolen admin key, an unlimited mint, a mass dump, and a collapsed token. Critics say it exposes a core contradiction in many DeFi projects: they promise decentralization while quietly maintaining backdoors that a single attacker can exploit.

TSR Price Crashes Nearly 100%

Source – TSR 24hr Price Chart from Bitget

The exploit had an immediate impact on the token’s valuation. Before the attack, TSR traded at significantly higher levels. However, the mass token dump triggered one of the steepest declines seen among smaller-cap crypto assets this year.

Within a single day, TSR lost nearly all of its value, falling to approximately $0.0002. The collapse effectively erased a substantial portion of the project’s market capitalization and left many holders with severe losses.

Price charts showed an almost vertical decline as panic selling accelerated alongside the hacker’s token liquidation. For investors, the incident serves as another reminder of the risks associated with projects that maintain privileged administrative controls over token contracts.

Stolen Funds Bridged to Ethereum

Following the sale of the newly minted tokens, the attacker converted the proceeds into stablecoins. Blockchain data indicates that roughly $2.5 million in USDT was obtained through the liquidation process. The funds were subsequently bridged from BNB Chain to Ethereum, a common tactic used by attackers to move assets across networks and complicate tracking efforts.

Cross-chain bridges have frequently been used in previous exploits as hackers attempt to create additional layers between the original theft and the final destination of funds. Investigators continued monitoring the wallet movements as the assets traveled through multiple transactions once they reached Ethereum.

Over 1,285 ETH Sent Through Tornado Cash

After arriving on Ethereum, the attacker reportedly swapped a portion of the funds into Ether and moved approximately 1,285.5 ETH through Tornado Cash.

Tornado Cash is a cryptocurrency mixing protocol designed to enhance transaction privacy by breaking the on-chain link between deposits and withdrawals. While the protocol has legitimate privacy applications, it has also been repeatedly used by hackers seeking to obscure the origin of stolen funds.

The movement of funds through Tornado Cash significantly reduces the ability of investigators to trace the final destination of the assets, making recovery efforts considerably more challenging.

Security Risks Remain a Major Challenge

The TesseraDAO exploit highlights a recurring issue across the crypto industry: the risks associated with compromised administrative privileges.

While smart contract vulnerabilities often receive the most attention, compromises of admin keys can be equally devastating. When a malicious actor gains access to privileged controls, they may mint tokens, drain treasury funds, modify protocol parameters, or otherwise manipulate critical aspects of a project.

Security experts frequently recommend measures such as multi-signature wallets, hardware security modules, access controls, and decentralized governance structures to reduce the risks tied to single points of failure.

Final Thoughts

The collapse of TSR demonstrates how quickly conditions can change in the cryptocurrency market. In a matter of hours, a single exploit erased millions of dollars in value, devastated the token’s price, and shook confidence in the project. While blockchain technology offers transparency and financial innovation, security failures continue to pose significant risks for both protocols and investors. As investigations continue, the incident serves as another example of how one compromised key can trigger a chain reaction capable of wiping out a project’s value almost overnight.

Frequently Asked Questions

What happened in the TesseraDAO hack?

TesseraDAO was exploited after a hacker reportedly gained access to an admin key on BNB Chain. The attacker minted about 99 million TSR tokens and sold them immediately, causing the token to crash nearly 100% and resulting in an estimated $2.4 million loss.

How did the hacker mint 99 million TSR tokens?

The attacker is believed to have used a compromised admin key to access privileged functions in the protocol. This allowed them to mint large amounts of TSR outside normal supply rules, bypassing standard controls.

Why did TSR’s price collapse so fast?

The newly minted tokens were quickly dumped into the market. The sudden oversupply combined with aggressive selling overwhelmed liquidity, triggering a rapid price collapse within hours.

What happened to the stolen funds?

After selling the tokens, the attacker converted proceeds into USDT, bridged funds from BNB Chain to Ethereum, and moved about 1,285.5 ETH through Tornado Cash to obscure the transaction trail.

You Might Also Like: