The development team behind Bankr confirmed they have temporarily disabled all transaction activity, including token swaps, transfers, and contract deployments.
The emergency lockdown was triggered after developers detected a targeted attack against their bot architecture, which allowed malicious actors to compromise private keys and begin draining user balances.
Prompt injections
According to official disclosures, the team has verified breaches across at least 14 individual user wallets. However, some affected clients claim that as much as $150,000 in digital assets has been siphoned from their specific accounts.
The project's founders pledged to make all victims whole.
"We've identified an attacker was able to access 14 Bankr wallets. We've temporarily locked things down while we work through the details. We will be reimbursing any and all lost funds," the team announced.
The Bankr framework allows users to execute trades, move funds, and launch new tokens by feeding plain-language text prompts to an artificial intelligence engine, bypassing standard wallet interfaces.
Additionally, the bot automatically generates a crypto wallet for any X handle that interacts with its system.
On-chain sleuths quickly identified how the attacker manipulated this automated pipeline. According to Yu Xian, the founder of blockchain security firm SlowMist, the exploit weaponized a social engineering flaw embedded within the trust layers connecting different AI entities.
"It was a social engineering exploit targeting the trust layer between automated agents, specifically an interaction between Grok and Bankrbot that allowed unauthorized transaction signing," Xian explained.
The security expert noted that across three identified attacker-controlled addresses, the hacker has already amassed roughly $440,000 in stolen crypto.
Stolen liquidity
The breach also swept up high-profile market participants. Tech entrepreneur Austen Allred confirmed that a Bankr wallet integrated into his AI assistant project, Kelly Claude, was among those compromised. The exploiter successfully drained the wallet's native Ethereum reserves but left the project's native meme coin holdings untouched.
"There’s no evidence anyone other than myself ever logged into the Bankr account; they must have accessed the keys some other way," Allred remarked regarding the security failure.
Damage control
In response to the active threat, Bankr management has warned users to completely avoid signing any transactions until further notice, explicitly alerting certain clients that their seed phrases are likely already in the hands of the attacker.
The developers issued an emergency checklist for any user who suspects their wallet has been touched:
- Immediately cease all interaction with the compromised address.
- Generate an entirely new wallet and seed phrase on a malware-free device.
- Migrate all remaining tokens and non-fungible tokens (NFTs) to the new address.
- Revoke all existing smart contract approvals to block residual draining vectors.
This post is for informational purposes only and does not constitute advertising or investment advice. Please do your own research before making any decisions.