TesseraDAO’s TSR token collapsed after an attacker minted 99 million TSR on BNB Chain and sold the tokens into decentralized liquidity, according to PeckShield. Specter said the attacker dumped the newly minted tokens for about $2.4 million, while PeckShield-linked reports placed the proceeds closer to 2.5 million USDT.
The incident sent TSR down by about 99%, the attacker bridged funds to Ethereum after the sale and later moved 1,285.5 ETH through Tornado Cash. The available public reports do not include a formal TesseraDAO postmortem or a confirmed project statement explaining the root cause.
#PeckShieldAlert Specter has reported that 99M $TSR was minted and dumped (-99%) on #BNBchain ~19 hours ago @TesseraDao.
The exploiter swapped the $TSR for ~2.5M $USDT, bridged the stolen funds to #Ethereum, and has already laundered 1,285.5 $ETH via #TornadoCash. pic.twitter.com/6cXKDyQi9l
— PeckShieldAlert (@PeckShieldAlert) June 2, 2026
Mint Transaction Points to Supply-Control Failure
BscScan data showed that the mint transaction occurred on June 1, 2026, at 11:38:25 UTC, under transaction hash 0x25093e573c116562c8839dc67a15ac21761271006a8dfe50b18fa475564bfcd1. The attacker address as 0x2201037A1755eC48eC5f00Fea21A10A9E56f2Dd8, with the 99 million TSR minted from the zero address before being routed to another wallet.
A project on BNB Chain, @TesseraDao , has been exploited. The attacker minted 99M $TSR and dumped the tokens for $2.4M.
As a result, $TSR plunged 99%.
The attacker has already has deposited them into Tornado Cash.
Theft address:
0x2201037A1755eC48eC5f00Fea21A10A9E56f2Dd8… pic.twitter.com/ZMF1UETxlh— Specter (@SpecterAnalyst) June 2, 2026
That zero-address mint is the key technical signal because it indicates new supply was created rather than transferred from an existing holder. The likely explanations are either compromised access to the minting function or a flaw in the token’s minting logic, while SlowMist classified the incident as private key leakage; neither should be treated as TesseraDAO’s confirmed final root-cause analysis.
The market impact was immediate because the attacker sold the newly created TSR into available liquidity. TSR’s market capitalization fell from roughly $4 million to about $213,720, while SlowMist said the attacker sold the minted tokens on PancakeSwap for approximately $2.4 million.
Funds Bridged to Ethereum and Mixed
After the sale, the attacker moved proceeds away from BNB Chain. PeckShield said the exploiter swapped the TSR for about 2.5 million USDT, bridged the funds to Ethereum and laundered 1,285.5 ETH through Tornado Cash, according the PeckShield alert.
Specter also identified the theft address and said the attacker had deposited proceeds into Tornado Cash. The use of cross-chain bridging and a mixer complicates recovery tracking, because investigators must follow both BNB Chain swap activity and later Ethereum-side fund movements.
The confirmed facts remain narrower than some market commentary. Security trackers reported an unauthorized 99 million TSR mint, a rapid sale into liquidity, a near-total price collapse and subsequent fund movement to Ethereum, but TesseraDAO has not published a technical incident report confirming whether the trigger was private key compromise, ownership takeover or unvalidated mint logic.
For holders, the operational uncertainty is still unresolved. Until TesseraDAO issues a postmortem, pauses or modifies affected contracts, or confirms a remediation plan, TSR’s post-exploit market activity should not be read as a clean signal of recovery or renewed confidence.