The company suspended swaps, transfers, and token deployments while investigating the breach and said it would reimburse affected users. Security researchers believe the exploit may have involved social engineering and prompt injection attacks targeting interactions between AI systems, including Grok and Bankrbot.
Bankr Freezes Transactions After Hack
AI-powered crypto trading assistant Bankr temporarily disabled transactions after discovering that an attacker gained unauthorized access to at least 14 user wallets. According to the company, the breach forced it to suspend swaps, transfers, and token deployment functions while investigators work to determine the full extent of the exploit.
Bankr stated that the shutdown was implemented “out of caution” after reports emerged that users lost large amounts of cryptocurrency. Some affected users claimed that as much as $150,000 worth of digital assets were drained from individual wallets during the attack.
Bankr operates differently from traditional crypto wallets by allowing users to execute blockchain actions through plain-language prompts rather than manually interacting with decentralized applications or wallet interfaces. The platform automatically generates a crypto wallet for any X account that interacts with its bot, which made the service very popular among users looking for a more simplified trading experience. However, this convenience may also have created attack surfaces for malicious actors to exploit.
The latest incident is not the first time Bankr faced security concerns involving AI interactions. Earlier this year, attackers reportedly manipulated Grok, the AI chatbot associated with X, into triggering the launch of a token through Bankr’s systems. The attackers then allegedly drained funds connected to the token into wallets under their control. Security experts now believe the latest exploit may also involve a similar type of manipulation targeting automated AI-agent interactions.
SlowMist founder Yu Xian suggested that the exploit was likely a social engineering attack focused on the trust layer between automated AI systems. According to Xian, attackers may have exploited interactions between Grok and Bankrbot to gain unauthorized transaction signing capabilities. He described the exploit as a combination of prompt injection and social engineering techniques designed to manipulate AI agents into performing unintended actions.
Blockchain investigators identified three attacker-linked wallet addresses holding a combined $440,000 in crypto assets connected to the exploit.
The incident adds to an already difficult year for crypto security. Industry reports estimate that more than $168 million worth of crypto was stolen during the first quarter alone, while April saw major exploits involving Drift Protocol and Kelp.
In response to the breach, Bankr advised users not to sign transactions until further notice and warned that compromised seed phrases may already be in the hands of attackers. The company urged affected users to stop using compromised wallets immediately, generate new seed phrases on clean devices, transfer remaining assets to new wallets, and revoke any token approvals that could still expose funds to additional theft. Bankr also promised to reimburse all users who lost funds during the incident.
