Bankr, an AI-powered cryptocurrency trading assistant, said it disabled transactions after identifying an attacker who gained access to at least 14 wallets, with users reporting that some of them had leaked as much as $150,000 in cryptocurrency.

In Tuesday’s post on X Bankr he said was investigating reports that several wallets had been compromised and trading activity, including exchanges, transfers and deployments, had been disabled “out of caution” while the investigation was ongoing.

“We have determined that the attacker may have accessed 14 Bankr wallets. We have temporarily blocked access while we work out the details. We will refund any lost funds. We will provide more updates as we receive them,” he added.

Bankr allows users to prompt AI to trade, transfer and run tokens using plain language rather than a standard wallet interface. It also automatically creates a cryptocurrency wallet for each X handle that interacts with its bot. Earlier this year someone apparently exploited this feature and tricked Grok into requesting Bankr to launch the token and then transferred funds from the token to a wallet he controlled.

Source: banker

Cryptocurrency hackers have been lively in recent months. Bad actors stole over $168.6 million in cryptocurrencies in the first quarter. April saw the two largest breaches of the year so far: the $280 million Drift Protocol exploit earlier in the month and the $292 million Kelp exploit. Most recently, Verus Protocol’s Ethereum bridge was exploited on Monday.

A social engineering attack targeting a bot may be to blame

SlowMist founder, Yu Xian he said the exploit, according to Bankrbots’ own response, was likely a social engineering scheme targeting the AI ​​agent, adding that the three identified attacker addresses collectively hold $440,000 worth of cryptocurrencies.

“This was a social engineering exploit that targeted the layer of trust between automated agents – specifically, the interaction between grok and Bankrbot, which allowed unauthorized transactions to be signed,” Xian said.

Source: Yu Xian

“It appears to be a combination of social engineering exploits targeting Grok + Bankrbot. Previously, wallet assets allocated to Grok by Bankrbot were also stolen through a similar combination of instant exploit injection,” he added.

Do not sign the transaction until further notice: Bankr

The banker does recommended that users were avoiding signing transactions until further notice and warned one person that their initial sentence would “likely fall into the hands of an attacker.”

Bankr also said anyone with an infected wallet should stop using it, create a modern wallet, generate a modern seed phrase on a spotless device, transfer any remaining tokens or non-fungible tokens to a modern address, and revoke approval if remaining assets cannot be transferred.

Related: Aethir suspends the apply of the bridge and promises compensation for the loss of PLN 90,000. dollars

“Attackers often take advantage of existing permissions to drain funds. Check your devices, scan your computer and phone for malware or suspicious browser extensions. If you used a software wallet, the leak was likely from your device,” Bankr added.

Losses are reported to be as high as $150,000 per wallet

Some X users reported As much as $150,000 in crypto was withdrawn from affected wallets.

Tech entrepreneur Austen Allred he said Among those infected was a Bankr wallet connected to his Kelly Claude AI assistant project. The hacker stole Ether (ETH), but none of the project’s memecoin caches were touched.

Source: Austen Allred

“There is no evidence that anyone other than me ever logged into the Bankr account; they must have accessed the keys through other means,” Allred added.

Warehouse: Legal battle over who can claim stolen DeFi millions