Kinto’s $K token crashes through the floor after Arbitrum contract exploit

The price of Kinto’s $K token plummeted by over 87% in the last 24 hours following the discovery of an exploit related to its deployment on the Arbitrum network. The incident caused a market selloff that tanked the token’s price by 45% in just one hour on Thursday. Kinto first posted about the disruption at 10:50 AM GMT, writing to its followers on X stating, “We are looking into the situation ourselves and with third parties. As soon as we have a clear picture of what has happened we will make an announcement.” Kinto community. We are looking into the situation ourselves and with third parties (Hypernative, Seal 911) – as soon as we have a clear picture of what has happened we will make an announcement. — Kinto (@KintoXYZ) July 10, 2025 Just under two hours later, at 12:33 PM GMT, the platform confirmed that an exploit had taken place. “We can confirm that an exploit has happened OFF the Kinto network impacting the $K token deployment in Arbitrum. Other funds bridged into the Kinto network are safe in your Kinto wallets and no bridge vaults are vulnerable.” Exploit may have originated on Arbitrum mint contract According to an on-chain analyst on X, the Kinto exploit occurred off-network and targeted the minting contract of the $K token on Arbitrum. That vulnerability allowed a malicious actor to mint nearly 7 million tokens, exceeding the project’s circulating supply, which is below 2 million. #PeckShieldAlert $Kinto has dropped -45% in the past hour https://t.co/3xZeneqdbR pic.twitter.com/b6f8tf5iKS — PeckShieldAlert (@PeckShieldAlert) July 10, 2025 The blockchain data analyst claims that the attacker did not directly dump the excess tokens into the market. Instead, they reportedly inflated the token price over a seven-day period, likely to maximize the collateral value. The hacker then deposited the newly minted tokens into the Morpho lending protocol as collateral and borrowed a large amount of USDC , which was subsequently drained from the platform. By manipulating the price and leveraging low liquidity conditions, they avoided triggering an alarm immediately. Uniswap, a commonly used decentralized exchange, had too little liquidity for the attacker to sell directly without detection. Still, the protocol-based route allowed them to exploit systemic trust in Kinto’s token economy. “Please don’t spread baseless FUD on Kinto XYZ just because of past ICO experience. I am also waiting for official information about the exploit and the above is just my personal understanding of what might have happened,” the pseudonymous defi enthusiast asserted . As it stands, Morpho has been left holding the inflated supply of $K tokens, now worth a fraction of their previous value. Kinto has not confirmed how much USDC was withdrawn but stated that recovery efforts are ongoing. Kinto to investigate exploit with third-party assistance Kinto announced that it is working with several third-party cybersecurity and blockchain forensics teams, including Seal 911, Hypernative, Venn, and Zeroshadow. The company promised to share a full report with the public and relevant authorities. For now, the platform insists that its mainnet, wallets, and bridge vaults were unaffected by the breach. The DeFi project assured users that the team and its early investors had not sold tokens or committed a “rug pull.” Token unlocks are reportedly scheduled for April 2026, which arguably rules out insider dumping during the crash. Market sentiment surrounding Kinto has soured quickly, and some traders and analysts on social media blamed the exploit on poor contract design and insufficient audit procedures. “These types of projects can’t survive,” wrote one X user. “Greedy influencers promote these kinds of cheap projects, and you end up losing your money. Always put your money in real use-case projects.” Cryptopolitan Academy: Coming Soon – A New Way to Earn Passive Income with DeFi in 2025. Learn More

Source: Cryptopolitan