AI-powered crypto trading assistant Bankr said it disabled transactions after identifying an attacker who gained access to at least 14 wallets, with users reporting as much as $150,000 in crypto was siphoned from some wallets.
In a post X on Tuesday, Bankr he said investigated reports that several wallets had been compromised and that transactional activity, including exchanges, transfers and deployments, had been disabled “as a precaution” while the investigation was ongoing.
“We have identified that the attacker was able to access 14 Bankr wallets. We have temporarily locked things down while we work out the details. We will be making up for any lost funds. We will provide more updates as soon as we have them,” it added.
Bankr allows users to encourage artificial intelligence to trade, transfer and launch tokens using simple language instead of a standard wallet interface. It also automatically creates a crypto wallet for every X handle that communicates with its bot. Earlier this year, someone allegedly took advantage of this feature and tricked Grok into asking Bankr to launch the token, then drained the funds from the token to a wallet they controlled.
Source: banker
Crypto hackers have been active in recent months. The bad guys stole more than $168.6 million in cryptocurrencies in the first quarter. April saw two of the biggest hacks of the year so far: the $280 million Drift Protocol exploit earlier in the month and the $292 million Kelp exploit. Recently, Verus Protocol’s Ethereum bridge was exploited on Monday.
A social engineering attack targeting bot could be the culprit
SlowMist founder Yu Xian he said the exploit, according to Bankrbots’ own response, was likely a social engineering scheme targeting an AI agent. The three attacker addresses identified together hold $440,000 in cryptocurrency.
“It was a social engineering exploit that targeted the layer of trust between automated agents — specifically the interaction between grok and Bankrbot that allowed unauthorized transaction signing,” Xian said.
Source: Yu Xian
“It appears to be a combination of social engineering exploits targeting Grok + Bankrbot. Previously, the wallet-related assets that Bankrbot had allocated to Grok were also stolen through a similar combo, a rapid injection exploit,” he added.
Do not sign transactions until further notice: Bankr
The banker has recommended that users should avoid signing transactions until further notice and warned one person that their opening phrase was “probably in the hands of an attacker”.
Bankr also said that anyone with a compromised wallet should stop using it, create a new wallet, generate a new seed phrase on a clean device, move any remaining tokens or irreplaceable tokens to a new address, and revoke approvals if remaining funds cannot be moved.
Related: Aethir stops exploitation of the bridge, promises compensation after a loss of 90 thousand dollars
“Attackers often use existing authorizations to leak funds. Check your devices, scan your computer and phone for malware or suspicious browser extensions. If you used a software wallet, the leak probably came from your device,” Bankr added.
Losses could reportedly be up to $150,000 per wallet
Some X users reported that up to $150,000 in cryptocurrency was leaked from affected wallets.
Tech entrepreneur Austen Allred he said Bankro’s wallet linked to his AI assistant project Kelly Claude was among those compromised. The hacker stole Ether (ETH), but none of the memecoin project’s supply was touched.
Source: Austen Allred
“There is no evidence that anyone but me ever logged into the Bankr account; they must have accessed the keys some other way,” Allred added.
Magazine: Legal battle over who can claim DeFi’s stolen millions
