Tapioca DAO has hit back against its hacker after the fledgling DeFi lending protocol was kneecapped by a $4.7 million exploit

In a post-mortem report, the protocol revealed it used a counter exploit to take back 996 Ether — worth $2.7 million — that the hacker stole.

“The security team utilised an exploit to recover the ETH from the attacker before he could launder it,” the report said, withholding the specific details of how the counter exploit was conducted.

The move turns Tapioca’s loss from a near wipe-out to a more manageable 45% loss.

The post-mortem also revealed that a North Korean group was behind the attack. The group used a social engineering attack to trick a Tapioca DAO engineer into downloading malware.

In response, Tapioca offered the hacker a $1 million bounty to return the funds by October 22, which has since been revoked.

Hackers from the hermit kingdom don’t usually accept such bounties.

Tapioca’s counter exploit isn’t the first time a protocol has forcibly taken back stolen funds from a hacker.

In 2023, developers behind Oasis, the then-main gateway for top DeFi lending protocol Maker, reclaimed $140 million of stolen crypto from the Wormhole bridge hack.