Grand Base Token (GB) experienced a dramatic 99% drop in value following reports of a potential rug pull and a significant hack. The incident has led to widespread concern among investors and raised questions about the security of the protocol.
Key Takeaways
- Grand Base Token (GB) dropped 99% in value within 24 hours.
- The protocol suffered a $1.7 million loss due to a private key compromise.
- Unauthorized minting of tokens and subsequent exchange for Ether (ETH) were reported.
- The Grand Base team is working with centralized exchanges to freeze stolen funds.
- Users are advised against interacting with the compromised contract.
Unauthorized Token Minting and Security Breach
Blockchain analytics firm PeckShield reported that a private key leak led to the theft of $1.7 million in tokens from Grand Base’s liquidity pools. The stolen tokens were exchanged on-chain for Ether (ETH) and then transferred to an external address. This security breach caused the protocol’s native token to plummet by 99% in value within 24 hours.
An administrator from the Grand Base Telegram channel warned users that the token contract was no longer secure and advised against swapping or interacting with it. They assured users that updates on further actions would be provided promptly.
Further examination by blockchain analytics firm CertiK revealed that the hacker had accessed Grand Base deployer contracts, illegally minted an excessive number of GB tokens, and subsequently withdrew them.
Community Reactions and Concerns
In the Grand Base Telegram chat, a user expressed deep regret for those affected by the hack and advised against further investments, urging people not to deposit more money into the platform under any circumstances.
Another user pointed out potential security vulnerabilities within the contract, noting that despite the discrepancies, the total balance appeared unchanged, raising questions about whether these issues were an oversight by the developers or intentional.
Grand Base Team’s Response
The Grand Base team stated that they had identified all wallet addresses associated with the hacker and were coordinating with centralized exchanges (CEXs) to potentially freeze any transferred funds, indicating ongoing efforts to mitigate the fallout from the hack.
Analysts from the AI Web3 security firm Cyvers underscored the critical nature of the recent security breach. They pointed out that the attacker’s capacity to mint new tokens not only escalated the financial impact but also revealed significant security vulnerabilities.
The loss of access control by the compromised deployer’s wallet was particularly alarming, with Cyvers analysts stressing the need for stronger security measures and continuous monitoring to prevent such substantial future losses.
Future Implications and Security Measures
The breach was further highlighted by two major unauthorized transactions that were recorded from the compromised wallets, transferring 206 and 319 ETH to external addresses, respectively.
In reaction to this security issue, Grand Base communicated the breach via its Telegram channel, reassuring users of their proactive efforts to resolve the security issues. The team specifically noted that losing control of their developer wallet was a critical aspect of the security breach.
Before the incident, the Grand Base protocol, which was introduced less than five months ago, had a limit of 50 million GB tokens. The protocol allowed participants to use collateral to mint real-world assets as ERC-20 tokens and provided opportunities to earn rewards through liquidity provision for these tokenized assets.