Hacker disables banker transactions after accessing 14 crypto wallets
AI-powered crypto trading assistant Banker has identified an attacker who gained access to at least 14 wallets and disabled transactions, with users reporting as much as $150,000 worth of crypto was withdrawn from some.
On Tuesday, Banker revealed on XPost that it is investigating reports of multiple wallets being compromised, and transactions, including transactions, exchanges, transfers and deployments, have been disabled “as a precaution” while the investigation continues.
He added: “We have identified that an attacker was able to access 14 bank wallets. We have temporarily locked things down while we work out the details. We will refund any and all missing funds. We will provide further updates as we have them.”
Bankr AI allows users to trade, transfer and launch tokens using plain language instead of a standard wallet interface. It also automatically creates a crypto wallet for every X handle that connects to the bot. Earlier this year, it was reported that someone used this feature and tricked Grok into launching a Bunker token, then transferred funds from the token to a wallet they controlled.
Source: Banker
Crypto hackers have been active in recent months. Bad actors stole over $168.6 million in crypto in the first quarter. April has seen the two biggest hacks of the year so far: the $280 million Drift Protocol exploit earlier in the month and the $292 million Kelp exploit. Recently, the Verus protocol Ethereum Bridge was used on Monday.
A social engineering attack targeting a bot may be responsible.
SlowMist founder Yu Xian said the exploit could be a social engineering scheme targeting an AI agent in response to bankbots, adding that three identified attacker addresses held $440,000 in crypt.
“It was a social engineering exploit that targeted the layer of trust between automated agents—specifically, the interaction between Grok and Bankerbot that allowed unauthorized transaction signing,” Xian said.
Source: Yu Xian
“It appears to be a social engineering combo targeting Grok + Bankrbot. Wallet-related assets previously assigned to Grok by Bankerbot were also stolen by the same combo.”
Do not sign transactions until further notice: Bankr
The bank advised users to refrain from signing transactions until further notice, warning that the phrase an individual had sent “could be in the hands of an attacker”.
Banker also said that anyone should stop using the compromised wallet, create a new wallet, generate a new pedigree on a clean device, move the remaining tokens or tokens to the new address, and revoke approvals if the remaining assets cannot be moved.
Related: Aethir ends bridge exploit, promises compensation after $90k loss
“Attackers often use existing authentication to make their withdrawals. Check your device, scan your computer and phone for malware or suspicious browser extensions. If you use a software wallet, the hole probably came from your device,” Bunker added.
Losses are said to be as high as $150,000 per wallet.
Some X users have reported that up to $150,000 in crypt has been withdrawn from affected wallets.
Tech entrepreneur Austin Allred said a bank wallet linked to his Kelly Cloud AI assistant project was among those affected. The hacker stole Ether (ETH), but none of the project's memecoin stash was affected.
Source: Austin Allred
“There's no evidence that anyone other than myself got into the bank account; they had to get the keys some other way,” Allred added.
Magazine: The legal battle over who can claim DeFi's stolen millions
