Blockchain security firm PeckShield first raised the alarm on May 20, 2026, reporting the unauthorized minting of a staggering 1,000 trillion MAPO tokens on the Map Protocol network. The firm publicly called on the project team to confirm the incident and provide an explanation. Within hours, Map Protocol officially confirmed a severe security breach, revealing that an attacker had minted one quadrillion MAPO tokens — an extreme supply inflation that far exceeded any legitimate tokenomics.
In an emergency response, Map Protocol immediately suspended the swap service between its BSC and ERC20-based MAPO tokens and the native mainnet MAPO token. The team also notified multiple centralized exchanges to halt all deposits and withdrawals of MAPO, while warning users to avoid trading the compromised token on decentralized exchanges like Uniswap and PancakeSwap. These measures aim to prevent the ill-gotten tokens from entering circulation and causing a catastrophic price collapse.
The project outlined a recovery plan centered on a token swap and asset snapshot. A new contract address will be issued, and only MAPO holdings in personal wallets at the time of the snapshot will be eligible for migration. Crucially, the hacker's address will be invalidated and excluded from the snapshot, effectively burning the entire quadrillion tokens. The exact vulnerability exploited remains undisclosed, but the sheer scale of the minting points to a complete compromise of the mint function, a stark reminder of the risks inherent in cross-chain infrastructure.
For MAPO holders, the immediate priority is to refrain from any transactions involving the old contract and to await official communication. The incident has already damaged trust in Map Protocol, an omnichain interoperability layer, and is likely to negatively impact the token's price and long-term adoption prospects. This event underscores the critical need for rigorous smart contract audits and real-time security monitoring across the DeFi and blockchain infrastructure sectors.
