On May 5, the Gnus.AI artificial intelligence network experienced a significant loss of approximately $1.27 million due to a vulnerability in token minting. In response, the team announced plans to release a new version of the Genius (GNUS) token and advised users against purchasing the old version. Gnus.AI operates as a blockchain network where users engage in artificial intelligence computations in exchange for tokens.
According to a May 6 report from blockchain security firm CertiK, attackers exploited the vulnerability by obtaining the private keys of team accounts starting with 0x18. With control of the account, they copied the token's "salt" data from Ethereum and utilized the Axelar bridging protocol to create a Fantom Network version of the token. Subsequently, the attackers minted 100 million counterfeit GNUS tokens, bridged them to Ethereum, and sold them on the market, leading to a collapse in the token's price.
The aftermath of the exploit saw the transfer of wealth from existing token holders to the attackers, who exchanged tokens generated from thin air for tangible assets. The severity of the situation prompted the team at Gnus.AI to take swift action. In response, they announced plans to deposit $500,000 worth of Ethereum as a temporary solution and to transfer their own funds to the liquidity pool once the new token is launched.
Additionally, the team committed to depositing $500,000 worth of fees owed, although these funds are currently locked until February 2025. This compensation package totals $1 million, covering approximately 80% of the estimated losses of $1.25 million calculated by CertiK. Despite such vulnerabilities, there are indications that improved security practices may lead to a reduction in such attacks over time. Notably, a report from CertiK on April 30 revealed that cryptocurrency users experienced the lowest losses from exploits in April compared to the same period in 2021.
