The Gnus.AI artificial intelligence network experienced a significant security breach on May 5, resulting in approximately $1.27 million in losses due to a token-minting exploit. The breach was facilitated by unauthorized access to private Discord messages among team members, leading to a critical exposure of the team’s wallet address.
Exploit Details
An attacker obtained the private key to the Gnus.AI team’s wallet, which begins with the address 0x18. This breach allowed the attacker to access and manipulate the token’s “salt” data from Ethereum. Utilizing the Axelar bridge protocol, the attacker was able to create a Fantom network version of the GNUS token. Subsequently, 100 million counterfeit GNUS tokens were minted and then transferred to the Ethereum network, where they were sold, causing a severe price drop. This price crash resulted in significant financial losses for existing token holders, as the attacker exchanged the fake tokens for real assets.
Also Read: Google Ads Exploited by Scammers to Promote Phishing Crypto Site
Response and Compensation Plan
In response to the attack, Gnus.AI’s CEO, known as “SuperGenius,” announced on the social media platform X that the team had witnessed unauthorized access to their private Discord communications. As a remedial measure, Gnus.AI plans to introduce a new version of the GNUS token and advised users against purchasing the compromised version.
To mitigate the financial impact on affected users, Gnus.AI has committed to deposit $500,000 worth of Ether and an additional $500,000 in fees (currently locked until February 2025) into a liquidity pool for the new token. This compensation plan aims to cover roughly 80% of the losses, as estimated by blockchain security firm CertiK.
Broader Impact on Blockchain Security
This incident underscores the persistent security challenges within blockchain networks. Despite a decrease in the frequency of such exploits, as noted by CertiK in their April 30 report, the Gnus.AI event highlights the ongoing vulnerabilities and the need for improved security measures in the blockchain industry.
Also Read: Ethena Labs Suffers $290K Exploit Shortly After ENA Token Launch on Binance
As the blockchain community continues to evolve, these security incidents serve as critical reminders for teams to enhance their communication security and for investors to remain vigilant about the integrity of the platforms in which they invest.
