Just a few hours after its launch, the Griffin AI project was exploited when an attacker minted 5 billion tokens using an interchain layer; thereafter, the bad actor dumped GAIN tokens into the market, crashing the price by 90%.
On September 25, 2025, Griffin AI, an AI agent for crypto and Defi, “experienced abnormal minting and dumping, leading to a sharp price drop,” the official Griffin AI post read. Specifying on how the attack on Griffin AI’s GAIN token happened, Griffin stated, “The attacker deployed a fake Ethereum contract ($TTTTT at 0x7a8caf),” adding this as the LayerZero peer for GAIN’s Ethereum endpoint (instead of the official ETH token at 0xccdbb9). By using this fake peer, they minted 5B GAIN on the BNB chain and began dumping on-chain.
How was this attack carried out successfully?
LayerZero is a multi-chain messaging system, and each chain (BNB and ETH in this case) runs an endpoint contract. On the receiving dApp, developers configure which remote contract/address on the source chain is trusted. That is the only remote address whose messages will be accepted as “authentic”.
Using LayerZero, the attacker replaced the trusted cross-chain counterpart (the “peer”) with a malicious contract on Ethereum. The BNB contract trusted that peer to be legit and accepted messages from it and used to mint 5B GAIN on BNB. The attacker then sold those tokens, profiting more than $3 million.
Launched at $0.163, the token soon experienced a drastic surge to $0.252. But following the attacker’s dump, the token experienced a major downturn and reached as low as $0.0052, a drop of 90%. At the time of writing, GAIN is trading at $0.0187, down by 83% over the past 24 hours.
