Grok lost around $100K in DRB tokens after an unknown attacker bypassed its protections using a gift NFT and an encoded command. Most of the funds were later recovered.
Attack Scheme: NFT as the Key, Morse Code as the Command
The attack unfolded in two stages. First, the hacker sent Grok an NFT from the Bankr Club collection — a digital gift that activated the AI’s access to transaction tools. This became the point of entry: after a similar incident in March 2025, comparable mechanisms had been blocked, but this new NFT-based method allowed the attacker to bypass those safeguards.
Once access to the tools was secured, the attacker sent Grok a message containing an encrypted command in Morse code. The AI decoded the instruction and carried out the transfer on its own — 3B DRB tokens were sent to the attacker’s address, after which the stolen funds were immediately split and moved across additional wallets.
Blockchain Detectives and Partial Recovery
The crypto community reacted quickly: users tracked the stolen funds on-chain, publicly identified the hacker’s wallet, and reached out directly across the network. As a result, most of the stolen tokens were returned — an unprecedented outcome for this kind of attack.
Following the incident, Grok’s access to transfer tools was completely revoked.
Market Reaction: Sharp Decline
In the first hours after the attack, the DRB token lost more than 15% of its value. The coin launched in March 2025 at Grok’s own initiative and serves as the unofficial token of its community.
This is yet another case in which a carefully crafted message was enough to drain funds from a wallet linked to Grok. The incident raises urgent questions about the security of autonomous AI agents with access to crypto operations: if an AI can be persuaded to transfer tokens through Morse code, the entire trust framework behind such systems requires a fundamental rethink.