PANews reported on May 21 that TAC, the TON network expansion project, disclosed a security incident that occurred on the TON-TAC asset bridge on May 11. Four days later, approximately 80% of the affected assets had been returned. TAC released a post-incident analysis report today detailing the incident. The vulnerability stemmed from a lack of verification in the sorting software: attackers deployed a fake Jetton wallet on TON, and the sorting software accepted the counterfeit tokens without verifying the sender's wallet's code hash. The total loss was approximately $2.86 million, involving USDT, BLUM, and tsTON. Following a public appeal, approximately 90% of the assets were returned to a multi-signature address controlled by TAC on May 14, with the remaining 10% retained by the attackers.

The cross-chain bridge remains suspended, awaiting independent review of the repaired sorter software by the auditors and TON partners. Cross-chain operations will resume once the repaired software is verified and the shortfall is covered by recovered assets and TAC Foundation token reserves. Due to the need for multi-party coordination, a precise timeline cannot be provided. The remaining funding gap will be filled by the TAC Foundation treasury, and users and the protocol will not suffer financial losses. TAC reminds users that official updates are only released through this account and Telegram; any unsolicited private messages claiming "restore" or "support" are scams.