Wednesday, November 27

A fake version of AI-crypto project Genius’ token, GNUS, was used to drain Uniswap liquidity providers of $1.3M on Sunday.

The attack involved creating an identical token on the Fantom blockchain, where no official version of GNUS had yet been deployed.

After cloning the GNUS token contract on Fantom, the attacker bridged 100M freshly minted tokens across to their Ethereum address using the Axelar bridge.

Finally, the GNUS tokens were sold into the existing Uniswap liquidity pool, draining the 407 ETH (worth $1.3M at the time).

The Genius team acknowledged the attack via X (formerly Twitter). The CEO later pointed to a development wallet having being compromised “during a Discord hack”. This apparently “enabled [the hacker] to launch the exact address on FTM of the Axelar Token Minter Manager contract” which allowed the fake tokens to be minted as genuine on Ethereum and Polygon.

The sell-off caused the GNUS price to tank by over 95%, from $22.86 to $0.79, according to data from CoinGecko.

One security researcher pointed out that the incident is not technically a ‘hack’ of Genius’ smart contracts, as the stolen funds were taken from the Uniswap pool’s liquidity providers (LPs) via a standard swap, as opposed to from the platform itself.

Another researcher suspects the incident to have been a premeditated ‘rug pull’, a way for the team to steal funds from LPs while making out that a hacker is responsible.

The CEO states that a total of $1M will be added back into the liquidity pool to attempt to bolster the GNUS price, “once we are sure it can’t be hacked again.”

Read more: ZKasino $30M ‘favor’ to users — seamless transition or rug pull?

Ghost chain

Fantom, once amongst the top contenders for the role of “ETH killer” during last cycle, has since seen its fortunes fade.

Fantom hit its peak in early 2022, when it boasted over $7B of total value locked (TVL). This has since dropped to just $120M, ranking 37th on DeFiLlama’s list of largest blockchains.

Last year, problems with Multichain, Fantom’s main bridge, further compounded issues. First rumours, then confirmation of the disappearance of Multichain CEO led to depegs of many stablecoins and ‘wrapped’ assets, as the fate of their collateral remained unclear.

The Fantom Foundation has since been pursuing the partial recovery of lost assets via legal action in Singapore, where it was recently granted a default judgement against Multichain.

Read the full article here

Share.
Leave A Reply

Exit mobile version