Written by: Glendon, Techub News

Today, the trending Binance Alpha series tokens were doused with cold water. The Web3 AI project GriffinAI, which just made its debut on Binance Alpha last night, encountered a malicious issuance incident just 12 hours after launch. Its representative token GAIN was issued an additional 5 billion tokens for dumping, causing the token's price to plummet over 97% within an hour, reaching a low of $0.004185 on Binance. As of the time of writing, the GAIN price is around $0.0195.

Interestingly, according to Ai Yi's monitoring, an address starting with 0x951 bought $20,200 worth of GAIN at an average price of $0.00625 near the lowest point, making a profit of $107,000 within an hour. During the same period, a slight rebound in GAIN's price also indicated that many community investors chose to buy the dip at this time. In response to this phenomenon, crypto KOL "Marktowin" posted on Binance Square, stating that the project team has abandoned the project, and buying the dip would lead to losses, believing its lifespan to be less than 24 hours.

With this statement, the already questioned GriffinAI project team was pushed to the forefront of public opinion. So the question arises: was the malicious issuance incident of the GAIN token caused by a hacker attack, or was it the wrongdoing of the project team?

Let’s first review the background of the project and the sequence of events.

GriffinAI is a decentralized platform that combines artificial intelligence with DeFi automation, providing real-time data, multi-agent workflows, and complete on-chain deployment across major blockchains and wallets.

The platform has two core products: Agent Builder and Agent Playground. Agent Builder allows users to create, customize, and deploy AI-driven trading and DeFi agents without writing code; Agent Playground supports users in testing, optimizing, and running their agents in real market environments. According to official information, over 250,000 community users have built more than 15,000 agents through GriffinAI.

On September 22, Binance Alpha announced that the GriffinAI token GAIN would launch on September 24. Subsequently, Huobi HTX also announced that it would simultaneously launch GAIN at 19:00 on September 24, starting leveraged trading with up to 10x leverage for GAIN/USDT. The launches on both exchanges and the airdrop activities attracted significant attention to the project. After its launch, GAIN performed well, reaching a peak price of $0.2764, then stabilizing around $0.16.

However, beneath this seemingly stable surface, undercurrents were already stirring.

According to Ai Yi's monitoring, a malicious issuance and dumping address starting with 0xf3d was created about 13 hours ago (around 10 PM last night). Its funding source was through Tornado to receive ETH and cross-chain exchanged it for BNB. Around 7 AM this morning, shortly after issuing 5 billion tokens, this address began to dump aggressively, continuing for 55 minutes, profiting up to $3.01 million. Subsequently, the address used deBridge to transfer profits across multiple networks including Solana, Ethereum, Base, and Arbitrum.

The original fixed total supply of GAIN was 1 billion tokens, but as of the time of writing, the issuance amount has reached approximately 5.298 billion tokens. Among them, the largest holding address owns 4.852 billion tokens, accounting for 91.58% of the total, and is still continuously transferring to the PancakeSwap V3 pool.

Additionally, according to Yu Jin's monitoring, the GriffinAI issuance address has sold 150 million GAIN for 2,955 BNB, which was cross-chain exchanged for ETH, valued at about $3 million. 23pds, the Chief Information Security Officer of Slow Mist, pointed out that the GriffinAI issuance address has begun transferring ETH to Tornado Cash. It is particularly noteworthy that once funds enter Tornado Cash, recovering them becomes exceptionally difficult.

Four hours later, GriffinAI officially released a statement explaining the reason for the attack: the attacker introduced an unauthorized LayerZero peer setting, initialized an additional LayerZero Peer on Ethereum, and deployed a counterfeit Ethereum contract TTTTT (address 0x7a8caf). Subsequently, the attacker exploited the misconfigured Peer to bypass cross-chain verification and minted 5 billion GAIN on BSC. The tokens in the cross-chain transaction did not originate from the official GAIN address on Ethereum (0xccdbb9).

As of the time of writing, GriffinAI has taken a series of emergency measures in response to this malicious issuance incident: formally requesting all exchanges to suspend trading and deposit/withdrawal services for GAIN on the BNB Chain to block the attacker’s trading operations; removing the official liquidity of GAIN on the BNB Chain, and emphasizing that GAIN on Ethereum was not affected by this incident.

However, this announcement from GriffinAI did not quell the anger of community investors. Eight hours have passed since the incident, but the official has yet to provide a recovery plan, token contract migration plan, or any practical solutions. This delay seems to exacerbate community skepticism, with many suspecting that the team is preparing to "run away."

"They created a hacker wallet and pretended it was an attack, but in reality, it was an inside job."

Many in the community believe that the so-called "hacker attack" is merely a self-directed play by the project team, and that it is actually an inside job. As pointed out in an analysis of the incident by Web3 security infrastructure GoPlus, the attacker could be an insider or someone who used social engineering on project team members.

Meanwhile, many investors have also turned their attention to Binance Alpha, hoping for a reasonable explanation. However, during this period, Binance's official response has been limited to taking the proactive measure of "cancelling the 4x Alpha trading volume bonus for GAIN tokens," without issuing further statements on the matter. This attitude from Binance has led more investors to question its project review capabilities.

In fact, not long ago, the once star project of Binance Alpha, "100x Coin" MYX, was also embroiled in the largest airdrop witch scam controversy in history, with the MYX team being revealed to have direct connections to wallets that obtained $170 million from its airdrop, suspected to be an inside job, leading to a 38% drop in the token's price within 13 hours. The occurrence of such incidents one after another undoubtedly damages some users' trust in Binance Alpha.

As for GriffinAI, in light of the significant losses suffered by early investors, what can it do to restore trust?

Its immediate priority is to clearly state its position, cooperate with exchanges to mark and freeze the excess tokens in the attacker's address to prevent further dumping. At the same time, it should upgrade the contract, focusing on team control and the security of the token contract, fix the LayerZero cross-chain bridge vulnerability, and redeploy the smart contract. It may also consider implementing a 1:1 airdrop of tokens as a solution to rebuild community trust. After this incident, Binance Alpha also needs to strengthen its review of project teams and project codes to prevent such incidents from happening again.

Finally, if GriffinAI fails to properly handle this incident, it may lead to the project's "death."

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。