Bankr, an AI-powered crypto trading assistant, temporarily froze transactions after an attacker accessed 14 of its wallets — a breach that has reignited concerns about the security of automated trading agents and wallet approval flows.
What happened
- Bankr announced on X that it had paused swaps, transfers and token deployments “out of caution” while investigating reports of compromised wallets. The team later confirmed an attacker had gained access to 14 Bankr wallets and said it had “temporarily locked things down while we work through the details.”
- The company pledged to reimburse all lost funds and urged users not to sign any transactions until the investigation is complete.
Immediate user guidance
Bankr advised affected users to:
- Stop using compromised wallets and create new wallets with fresh seed phrases on clean devices.
- Move any remaining tokens or NFTs to the new wallets.
- Revoke approvals if assets cannot be moved — attackers often reuse existing permissions to drain funds.
- Scan computers and phones for malware and suspicious browser extensions.
Possible attack vector
Security researcher Yu Xian, founder of SlowMist, suggested the exploit looked like a social engineering attack that targeted the trust layer between automated agents. He pointed to a possible interaction between Grok and Bankrbot that could have permitted unauthorized signing, calling the incident a mix of social engineering and prompt injection. Yu also noted a prior Bankrbot-linked wallet assigned to Grok had been drained via a similar method.
Why this matters
Bankr’s product — described in a 0x case study as a natural language AI trading companion that executes swaps, trades, transfers and token deployments via simple commands inside social feeds or a private terminal — makes the platform a high-profile test case for the security tradeoffs of AI-driven wallets and automation. The combination of AI agents, natural-language prompts and on-chain approvals creates new attack surfaces that traditional wallet security models may not address.
Users hit and wider context
Several users reported significant losses. Tech entrepreneur Austen Allred said a Bankr wallet tied to his Kelly Claude AI assistant project was compromised; he reported no evidence of an account login and believes the attacker gained access to keys by other means.
The Bankr incident comes amid an active period of high-profile DeFi and bridge exploits:
- Verus Protocol’s Ethereum bridge lost more than $11.5 million after attackers forged a cross-chain transfer message.
- Echo Protocol paused cross-chain activity after roughly $76.7 million in unauthorized eBTC was minted on Monad.
- Aethir contained a bridge attack with user losses reportedly under $90,000.
Other recent incidents have affected Drift Protocol and Kelp DAO, underscoring persistent risks around bridge security, wallet approvals and automated transaction systems.
Takeaway
The Bankr breach highlights how AI agents and natural-language trading interfaces can introduce new vulnerabilities — especially when approvals and automated signing are involved. Users should avoid signing transactions from untrusted prompts, follow Bankr’s guidance on creating new wallets and revoking approvals, and monitor their devices for compromise while the investigation continues. Bankr’s promise to reimburse users will be closely watched as the team works through the details.
Read more AI-generated news on: undefined/news
