Griffin AI’s native token GAIN collapsed by about 85% after an attacker created a whopping 5 billion extra tokens and sold a large tranche into the market, the company and on-chain trackers said.
The drop followed the token’s market debut yesterday and unfolded across Binance Smart Chain and cross-chain bridges.
The minting was made possible by a false LayerZero peer on Ethereum, which let the attacker mint fake GAIN on BSC and then swap those tokens for BNB.
The moves left early investors with heavy losses and prompted the team to ask exchanges to halt trading and withdrawals.
What Griffin AI does?
Griffin AI runs a no-code platform for building and running autonomous AI agents. The project says it powers more than 15,000 live agents that users can deploy for tasks like trading, research, and yield farming.
GAIN was issued to give users access to advanced agents, to pay for AI service credits, and to serve as operator collateral. The token was also listed on several centralised exchanges, including KuCoin, HTX, MEXC, and Gate.io, before the attack.
How the exploit worked?
On-chain analysts traced the attack to a new address that had recently received funds through Tornado. That address swapped ETH to BNB via a cross-chain tool and then used a fake LayerZero peer entry to mint 5B GAIN on BSC.
The attacker then sold 147,500,000 tokens on PancakeSwap and converted proceeds into 2,955 BNB, roughly $3 million.
An analyst explained the sequence, saying the attacker set up a false Ethereum peer, bridged the fake tokens to BSC, sold the minted GAIN, and then bridged proceeds back to Ethereum before sending funds into Tornado Cash.
$GAIN Price Actions
The token price plunged to $0.02997, down about 85.77% in a single day. Market cap fell with the price and stood near $7.04M, reflecting the sharp loss in value.
Trading activity spiked as well, and reported 24-hour volume jumped by about 582.68% to roughly $178k, showing frantic selling and token flows.
Also Read: Crypto Hackers Exploit Ethereum Smart Contracts To Hide Malware From Security Scanners
Team response and exchange action
Griffin AI said it asked all exchanges to pause trading, deposits and withdrawals of GAIN on BSC to stop the attacker from further moves. The team said it is working with exchanges and security partners to protect the community.
In a post, the team listed technical findings, including the unauthorised LayerZero peer, the fake Ethereum contract at address 0x7a8caf and the minting on BSC that followed. The firm said this setup allowed the attacker to mint tokens that should not have existed.
Community reaction
Users and observers voiced anger and worry. One user said the loss felt different from a normal market loss. They wrote that losing to fraud is not the same as losing in fair competition.
Analysts called the exploit a serious lapse in integration checks and raised questions about the security of cross-chain setups that rely on trusted peers. Critics asked how a peer configuration was changed without stronger safeguards.
Technical and security implications
The event highlights the risks in bridging systems and in any design that lets external endpoints be configured by contracts or scripts. It also shows how fast an attacker can convert minted tokens into value and move funds through mixing services.
Some exchanges moved fast to freeze trading on the token, while others are investigating. The role of LayerZero and of the fake peer configuration will be central to the probes and to any patching of the protocol.
The GAIN exploit is a sharp reminder that new token launches and cross-chain features carry real risks. The attack erased much of the token’s early market value and put focus on how projects manage peers and bridge logic.
Also Read: Hacker Steals $41M From Crypto Exchange SwissBorg After Kiln API Exploit