Gnus.AI, a blockchain-based artificial intelligence network, experienced a significant loss of approximately $1.27 million due to a token-minting exploit on May 5. In response, the team has announced its intention to release a new version of the Genius (GNUS) token and has advised users to refrain from purchasing the old version.
According to CertiK, a blockchain security firm, the attacker successfully executed the exploit by gaining access to the team’s private key for the account that begins with 0x18. With control of this account, the attacker obtained the token’s “salt” data from Ethereum, enabling them to create a version of the token on the Fantom network using the Axelar bridge protocol.
Subsequently, the attacker minted 100 million counterfeit GNUS tokens, transferred them to Ethereum, and sold them in the market. This resulted in a crash in the token’s price, effectively transferring the wealth of existing tokenholders to the attacker, who received real assets in exchange for tokens that were essentially created out of thin air.
Gnus.AI CEO, known as “SuperGenius,” stated on the social media platform X that the compromise of the 0x18 account occurred when the attacker gained access to the team’s private Discord communications. SuperGenius expressed that the hackers were able to monitor private messages on Discord.
As an initial measure to address the situation, the team plans to deposit $500,000 worth of Ether (ETH) from their own funds into a liquidity pool for the new token once it is launched. Additionally, they will deposit $500,000 worth of fees that they are owed but are currently locked until February 2025. In total, this amounts to $1 million in compensation.
CertiK estimated that the exploit resulted in a loss of $1.25 million, indicating that the initial distribution of funds will cover 80% of the losses.
While blockchain networks continue to face risks of exploits, there is evidence suggesting that these attacks may be decreasing as security practices improve. According to CertiK’s report on April 30, crypto users experienced the lowest number of losses from exploits since 2021 in the month of April.