Griffin AI's native token, GAIN, crashed just one day after its launch due to a major security vulnerability. Listed on Binance Alpha, the project quickly attracted investor interest by offering users a special airdrop opportunity. However, the unauthorized minting of 5 billion GAIN tokens caused the price to drop by up to 90%.
When GAIN launched on Binance Alpha on September 24th, it was priced at $0.18. It quickly became listed on major exchanges such as KuCoin, HTX, MEXC, and Gate.io, and the token had a strong start thanks to investor interest. However, unusual movements detected in on-chain analysis later that day caused panic in the market.
Attacker Targeted Contracts
According to on-chain research, the attacker manipulated the Griffin AI contract using a fake LayerZero pairing and minted 5 billion new GAIN. This surge in supply quickly led to the token being released via PancakeSwap. The sale of just 147.5 million GAIN was enough to shake the price. The attacker obtained 2,955 BNB, or approximately $3 million, from this sale and distributed the funds to various wallets.
Following the incident, the Griffin AI team requested that all centralized exchanges cease trading. MEXC attempted to prevent further losses by suspending transactions even before the team's call. However, swaps continued for some time on decentralized exchanges (DEXs), and the attacker began bridging some of the acquired assets to Ethereum and distributing them through Tornado Cash.
Currently, the attacker's wallet holds 4.8 billion unauthorized GAIN tokens. The fate of these tokens is not yet clear. In its official statement, the Griffin AI team urged investors not to engage with fake liquidity pools. Furthermore, the project's airdrop campaign was completely terminated for security reasons.
GAIN's market capitalization fell to $7.3 million after the attack, while the token is trading at $0.03. Daily trading volume increased dramatically, exceeding $190 million. However, much of this volume was due to panic selling.
Griffin AI is known as a platform that allows users to develop autonomous artificial intelligence agents without requiring coding knowledge. There are currently over 15,000 active agents on the platform, and the GAIN token supports this ecosystem's service credits, transaction collateral, and development tools. However, this vulnerability dealt a serious blow to the project's reputation.
The crypto community reacted strongly to the incident. Many investors expressed their outrage, saying, "We can accept losses, but this kind of manipulation is unacceptable." Some analysts argue that the vulnerability was not internal to the team, but rather an external attacker.
The GAIN incident is also reminiscent of the recent incident involving UXLink, which lost its value due to a similar unauthorized token issuance. Such attacks highlight the risks investors face, especially with newly released tokens.
