Image Credit: Shutterstock
SUPERFORTUNE AI said it is investigating a security incident involving its GUA token after funds meant for an airdrop-related transfer were sent to a different address during a multisignature transaction on May 27.
The project said the destination address may have been altered during execution. It also said the incident triggered severe price volatility in GUA.
May 27 Multisig Transfer Sent GUA Elsewhere
SUPERFORTUNE said the transfer was supposed to send additional unlocked tokens to an airdrop claim contract. Instead, the funds were routed to another address believed to be controlled by an attacker.
An early review pointed to possible address manipulation in the multisig flow rather than a confirmed exploit in the GUA token contract itself. That distinction matters because the project has not yet said the token contract was compromised.
Address Poisoning Appears Less Likely
SUPERFORTUNE said the suspicious destination address had no prior interaction with SUPERFORTUNE-related wallets. That made a standard address-poisoning explanation less likely, according to the project’s early review.
The team also said it already uses multiple address-verification checks in its multisig process. Those controls did not stop the wrong transfer from going through, leaving open questions about whether the problem came from compromised tooling, operational error or a deeper attack path inside the multisig workflow.
GUA Falls After Reported 15M-Token Dump
The market reaction was sharp. GUA fell more than 60% on the day, with market trackers describing the selloff as one of the token’s steepest since launch.
Some market reports said 15 million GUA were dumped over nine hours and linked the move to a price drop of about 75%. SUPERFORTUNE has not yet confirmed the full amount involved or whether any of the diverted funds can still be recovered.
Multisig Cause Remains Unresolved
For now, the core issue is still under investigation. SUPERFORTUNE has not confirmed whether the transfer was caused by address tampering, compromised tools, signer error or another weakness in the multisig process.
Until the team publishes a fuller postmortem, the incident remains an active investigation rather than a settled exploit narrative.
The immediate risk for GUA holders is uncertainty. The project says it is investigating the wrong-address transfer, while the market is still reacting to the possibility that a multisig workflow failure allowed tokens intended for an airdrop contract to be redirected elsewhere.
