On May 5, token minting was exploited on the Genius(GNUS) artificial intelligence network, resulting in an attack that cost almost $1.27 million. These occurrences further confirmed the blockchain ecosystem’s challenges in achieving the best security.
Inside GNUS security breach
First, the attacker got access to the private account of the GNUS team, which also started with 0x18. For the attacker who had control over this account, this data copy included the salt data for the token, which permits creating an additional token for the Fantom network in the Axelar bridge protocol. In total, 100 million fake GNUs have been minted, bridged onto Ethereum, and sold in the market.
GNUS CEO “SuperGenius” explained on social media site X that the 0x18 account was hacked when an attacker had managed to break into the team’s private Discord communications: “apparently the hackers can watch private messages on discord.”
To mitigate the exploit, GNUS announced that it would release a newer version of its token and warned users not to buy the old version. It has also announced compensation that will help mitigate the losses that token holders suffered.
Damage control and compensation plan
As a “quick fix,” the team pledged to deposit into a liquidity pool for the new token $500,000 worth of Ether from their funds once it is launched. The rest of the compensation is $500,000 worth of fees owed, but that is locked until February 2025.
All the same, blockchain networks’ vulnerability to a possible exploit might be slightly cushioned by evidence indicating that such attacks have reduced with the maturing of security practices. A report by CertiK on 30th April revealed that during April 2021, crypto users had the lowest cases of loss from exploits.
The GNUS incident only underscored the blockchain ecosystem’s vulnerabilities and the need for more secure measures to guard against them. Incidents such as the GNUS exploit bring into stark relief the imperatives of strong security protocols, thorough audits, and constant vigilance. It is through these challenges that the industry will be able to work toward a more secure environment that the users and holders of the tokens can trust.