Fake Token Attack Drains Uniswap Liquidity Providers of $1.3M
An imitation of Genius' token, GNUS, was used in an attack that drained Uniswap liquidity providers of $1.3 million on Sunday.
The attacker duplicated the GNUS token contract on the Fantom blockchain, where no official version of GNUS had been deployed.
Subsequently, 100 million freshly minted tokens were bridged to an Ethereum address using the Axelar bridge. These tokens were then sold into the existing Uniswap liquidity pool, resulting in the depletion of 407 ETH (equivalent to $1.3 million at the time).
Acknowledging the attack via X, the Genius team’s CEO later attributed the breach to a compromised development wallet during a Discord hack. This breach allegedly enabled the hacker to launch the exact address on FTM of the Axelar Token Minter Manager contract, facilitating the minting of fake tokens on Ethereum and Polygon.
Following the sell-off, the GNUS price plummeted by over 95%, from $22.86 to $0.79. While some security researchers do not categorize the incident as a ‘hack’ of Genius’ smart contracts, others suspect it to be a premeditated ‘rug pull’, orchestrated by the team to deceive liquidity providers while attributing the theft to a hacker.
READ MORE: Coinbase Faces Legal Action Over Alleged Securities Violations
The CEO announced plans to inject $1 million back into the liquidity pool to potentially stabilize the GNUS price, contingent on ensuring its security against future breaches.
Fantom, once positioned as a leading competitor to Ethereum, has seen a decline in fortunes since its peak in early 2022. Despite boasting over $7 billion in TVL at its height, it now ranks 37th on DeFiLlama’s list of largest blockchains, with TVL plummeting to just $120 million.