Hacker Seizes $15 Million GUA Airdrop
The SUPERFORTUNE project team reported a security breach involving $15 million.
The SUPERFORTUNE project team reported a security breach in which an attacker withdrew 14.98 million GUA tokens (approximately $15 million at the time of the transaction).
We are investigating a security incident that occurred for the token, $GUA, through a suspected address poisoning attack on May 27, 2026, which has caused significant volatility on the token.
Initial findings indicate an address manipulation through a multisig transaction…
— SUPERFORTUNE AI (@SUPERFORTUNE888) May 28, 2026
According to the report, the incident occurred on May 27. The project team explained the situation as an address substitution in a multisig transaction. Developers intended to send tokens to a contract for airdrop payouts. However, the funds were diverted to the hacker’s wallet, which matched the original in the first and last four characters.
Analysts at EmberCN confirmed that the stolen assets were quickly liquidated. The mass sale of tokens led to a drop in GUA prices by more than 75%.
9 小时前,1498.1 万枚 $GUA (当时价值 $1518 万) 被从解锁合约解锁转出。然后在链上被全部抛售,导致 $GUA 急剧暴跌 75%。
这些 $GUA 最终是被换成了 2,784 枚 ETH ( $566 万)存放在下列 3 个钱包:https://t.co/lhXdqFy3jghttps://t.co/aZHNYdraEshttps://t.co/7i0Uwozw0M
按项目方的说法是这笔… https://t.co/1qLi0LhAJd pic.twitter.com/rjPjF6FTmv
— 余烬 (@EmberCN) May 28, 2026
The attacker allegedly converted the assets into 2,784 ETH (about $5.66 million) and distributed the funds across three new addresses.
Initially, it was suspected that the project fell victim to an “address poisoning” attack. However, during a subsequent investigation, the SUPERFORTUNE team deemed this scenario unlikely.
“The hacker’s address had not previously interacted with the project’s infrastructure. Additionally, our internal procedures include multiple stages of credential verification before signing multisig transactions,” project representatives stated.
The SUPERFORTUNE team has involved law enforcement and cybersecurity experts to analyze the causes of the incident and trace the movement of the stolen funds.
Back on May 22, Polymarket confirmed a private key compromise, resulting in approximately $700,000 in damages.
Рассылки ForkLog: держите руку на пульсе биткоин-индустрии!