AI-powered crypto trading assistant Bankr said it disabled transactions after identifying an attacker who gained access to at least 14 wallets, with users reporting up to $150,000 in crypto drained from some wallets.
In an X post Tuesday, Bankr said it was investigating reports of compromised wallets and disabled transaction activity - including swaps, transfers and deployments - "out of caution."
"We've identified an attacker was able to access 14 Bankr wallets. We've temporarily locked things down while we work through the details. We will be reimbursing any and all lost funds," the company added.
SlowMist founder Yu Xian said the exploit was likely a social engineering scheme targeting the AI agent. Three identified attacker addresses collectively hold $440,000 in crypto.
"It was a social engineering exploit targeting the trust layer between automated agents-specifically an interaction between Grok and Bankrbot that allowed unauthorized transaction signing," Xian said.
Bankr has recommended users avoid signing transactions until further notice and warned one individual their seed phrase "is likely in the hands of an attacker."
Some X users reported up to $150,000 in crypto drained per wallet. Tech entrepreneur Austen Allred confirmed a Bankr wallet linked to his Kelly Claude AI assistant project was compromised, with the hacker stealing Ether (ETH) but leaving the project's memecoin stash untouched.
"There's no evidence anyone other than myself ever logged into the Bankr account; they must have accessed the keys some other way," Allred added.