Crypto AI Platform Bankr Locks Down System After Hacker Breaches 14 Crypto Wallets

bitcoinistPublished on 2026-05-20Last updated on 2026-05-20

Abstract

Crypto AI trading platform Bankr has locked down its system after a hacker breached 14 user wallets. The attack, which targeted wallets automatically created via interactions with Bankr's AI bot on X, appears to be a social engineering scheme exploiting the platform's connection with Grok. Security experts suspect the use of "prompt injection" to manipulate the AI into approving unauthorized transactions. Losses from individual wallets reached as high as $150,000, with a total of $440,000 identified in three attacker-controlled addresses. Tech entrepreneur Austen Allred was among the victims. Bankr has halted all transactions, pledged full reimbursement for lost funds, and advised affected users to set up new wallets and transfer any remaining assets. This incident follows a series of major crypto exploits in recent months.

Tech entrepreneur Austen Allred was among the victims. His wallet, tied to a project called Kelly Claude AI assistant, was drained of Ether — though the hacker left his memecoin holdings untouched. Allred said there was no sign anyone else had logged into his Bankr account, suggesting the attacker got to the private keys through other means.

How The Attack Unfolded

Bankr is a crypto trading tool that lets users send plain-language instructions — like “swap this token” or “transfer funds” — to an AI that carries out the trades.

The platform also creates a crypto wallet automatically for every X account that interacts with its bot.

That feature had already drawn attention earlier this year, when someone reportedly tricked Grok into telling Bankr to launch a token, then pulled funds from it into a wallet they controlled.

Tuesday’s incident appears to follow a similar pattern. Yu Xian, founder of blockchain security firm SlowMist, said the breach was likely a social engineering scheme aimed at the AI agent.

ETHUSD now trading at $2,129. Chart: TradingView

According to Xian, the attacker exploited the trust connection between Grok and Bankrbot to push through unauthorized transaction approvals.

He identified three wallet addresses linked to the attacker that together held $440,000 in crypto.

Xian also pointed to prompt injection as part of the method — a technique where malicious instructions are fed to an AI to manipulate its behavior.

Bankr Pledges Full Reimbursement

Bankr confirmed the breach in a post on X, saying it had identified an attacker who accessed 14 wallets. The platform said it shut down all transaction activity — swaps, transfers, and token deployments — while the investigation continues. It also pledged to cover all losses.

Users were warned not to sign any transactions for now. For those with wallets already hit, Bankr told them to stop using the affected accounts entirely, set up a new wallet with a fresh seed phrase on a clean device, and transfer any remaining tokens or NFTs out immediately.

If assets can’t be moved, revoking existing approvals was advised. Bankr also flagged the possibility of malware, urging users to check their computers and phones for suspicious software or browser extensions.

What Users Lost

Some users reported losing as much as $150,000 from a single wallet. The exact total across all 14 breached wallets has not been confirmed.

The attack adds to a rough stretch for the crypto space. Bad actors stole more than $168 million in the first quarter of the year.

April brought two of the biggest hits so far — a $280 million exploit of Drift Protocol and a $292 million breach of Kelp.

Just a day before the Bankr incident, the Ethereum bridge of Verus Protocol was also reportedly hit.

Featured image from Unsplash, chart from TradingView

Related Questions

QWhat is Bankr and how does it function as described in the article?

ABankr is a crypto trading tool that allows users to send plain-language instructions, like 'swap this token' or 'transfer funds', to an AI which then carries out the trades. The platform also automatically creates a crypto wallet for every X (formerly Twitter) account that interacts with its bot.

QAccording to the article, what was the likely method used by the attacker to breach the Bankr wallets?

AAccording to Yu Xian, founder of SlowMist, the breach was likely a social engineering scheme aimed at the AI agent. The attacker exploited the trust connection between Grok and Bankrbot to push through unauthorized transaction approvals, and prompt injection—feeding malicious instructions to manipulate the AI's behavior—was part of the method.

QWhat actions did Bankr take in response to the security breach?

ABankr confirmed the breach, identified that an attacker accessed 14 wallets, and temporarily shut down all transaction activity including swaps, transfers, and token deployments while investigating. They pledged to reimburse all lost funds and warned users not to sign any transactions.

QWhat advice did Bankr give to users whose wallets were affected by the hack?

ABankr advised affected users to stop using the compromised accounts entirely, set up a new wallet with a fresh seed phrase on a clean device, and immediately transfer any remaining tokens or NFTs out. If assets couldn't be moved, they advised revoking existing approvals and checking devices for malware or suspicious software/extensions.

QBesides the Bankr incident, what other major crypto exploits were mentioned as part of a 'rough stretch' for the crypto space?

AThe article mentions that bad actors stole over $168 million in Q1 of the year. In April, there were two major exploits: a $280 million exploit of Drift Protocol and a $292 million breach of Kelp. Just a day before the Bankr incident, the Ethereum bridge of Verus Protocol was also reportedly hit.

Related Reads

WWDC26 Ultimate Preview: The All-New Siri is the Main Course, iOS 27 is Another Year of Refinements

Apple has confirmed WWDC26 will begin on June 8, with the keynote at 10 AM PT (1 AM Beijing Time, June 9). This year's focus is expected to shift significantly from routine OS updates to Apple's progress in AI, particularly a major overhaul of Siri. Reports indicate the highlight will be a new Siri, reportedly powered by Google's Gemini technology. This upgraded assistant is expected to appear as a lightweight bubble from the Dynamic Island and be accessible via a unified "Search or Ask" system-wide entry point. It aims to deeply integrate with iOS 27, iPadOS 27, and macOS 27, accessing personal data like messages, photos, and documents, with a potential standalone Siri app also in development. For iOS 27, leaks suggest incremental improvements rather than major redesigns. Key updates may include a redesigned, more customizable Camera app, enhanced photo editing tools within the Photos app, and potential early system optimizations for a future foldable iPhone. The update is also rumored to prioritize bug fixes, stability, and performance optimization. iPadOS 27 is anticipated to focus on improving productivity features like window management, file systems, and external display support to better utilize the iPad's hardware. macOS 27 is seen as a core platform for Apple Intelligence, likely receiving an optimized Siri, new AI features, and continued refinement of the "Liquid Glass" design language. Notably, macOS 27 may finally drop support for Intel-based Macs. The overarching theme for WWDC26 is whether Apple can effectively integrate AI across its ecosystem. The success of the new Siri and Apple Intelligence will be judged on their ability to move beyond standalone features and become a cohesive, context-aware system layer that understands user workflows across iPhone, iPad, Mac, and other devices, while maintaining Apple's emphasis on privacy and stability. The conference represents Apple's critical attempt to catch up and redefine the AI assistant experience after a perceived slow start in the generative AI era.

marsbit26m ago

WWDC26 Ultimate Preview: The All-New Siri is the Main Course, iOS 27 is Another Year of Refinements

marsbit26m ago

CLARITY Act At The Center Of Latest Political Clash: Sen. Lummis Hits Back At JPMorgan CEO

Senator Cynthia Lummis has defended the proposed CLARITY Act against criticism from JPMorgan CEO Jamie Dimon. In a CNBC interview, Lummis argued that Dimon's claim the bill lacks sufficient anti-money laundering (AML) and Bank Secrecy Act (BSA) safeguards is incorrect, stating the legislation contains over 1,600 references to these provisions. Dimon, a crypto skeptic, had argued crypto firms should face the same standards as banks if they perform similar functions. Lummis countered that the bill builds on existing bank regulations. She also outlined next steps for the crypto legislative package, including merging the CLARITY Act's SEC-related parts with commodity market provisions from the Senate Agriculture Committee and revising the GENIUS Act on stablecoins.

bitcoinist50m ago

CLARITY Act At The Center Of Latest Political Clash: Sen. Lummis Hits Back At JPMorgan CEO

bitcoinist50m ago

BREAKING: Mastercard Just Opened Its Global Payment Network To Crypto — Which Altcoins Made The Cut?

Mastercard announced the expansion of its global settlement infrastructure to support on-chain settlement using regulated stablecoins. This enables card transactions to settle 24/7, eliminating delays from traditional banking hours. The initial rollout supports six stablecoins—USDC, PYUSD, USDG, USDP, RLUSD, and SoFiUSD—across eight blockchains, including Ethereum, Solana, and the XRP Ledger. The service is launching with partners in the U.S. and Latin America. This is a back-end settlement upgrade, not a consumer-facing change, allowing network partners to optionally use blockchain rails while traditional fiat settlement remains available.

bitcoinist4h ago

BREAKING: Mastercard Just Opened Its Global Payment Network To Crypto — Which Altcoins Made The Cut?

bitcoinist4h ago

Analyst Who Predicted The Bitcoin Crash from $82,000 Reveals What’s Next

A crypto analyst known as Tony, who previously predicted Bitcoin's drop from around $82,000, shares his outlook for the leading cryptocurrency. He asserts that Bitcoin is currently in a bear cycle and is likely to decline further, potentially setting new lows this year. Tony points to technical factors like the 200-day moving average and Fibonacci levels as resistance. He outlines a potential scenario where Bitcoin could see a fake breakout above $85,000 to trap retail traders before falling to new lows. His chart analysis suggests possible declines to around $50,000 by July, with a cycle bottom potentially below $40,000. Tony notes that while short-term bounces, possibly from the $67,000 region, could occur, the main trend remains downward. Another analyst, Colin, suggests the $65,000-$66,000 range might offer short-term support for a bounce but reiterates that a retest of $60,000 and lower is still likely, as Bitcoin has not yet seen the typical >70% decline from its peak observed in past bear cycles. Bitcoin is currently trading around $66,300.

bitcoinist4h ago

Analyst Who Predicted The Bitcoin Crash from $82,000 Reveals What’s Next

bitcoinist4h ago

Hoskinson Warns Of Cardano ‘Wave of Failures’ After TapTools Shutdown

Cardano founder Charles Hoskinson warns the ecosystem could face a "wave of failures" following the shutdown announcement of data and analytics platform TapTools. Citing leadership departures and unsustainable platform economics, TapTools is winding down operations despite serving over a million users. Hoskinson framed this not as an isolated incident but as a symptom of broader funding, coordination, and incentive problems within Cardano. He predicts more project failures in the second half of the year due to difficult market conditions. Hoskinson expressed frustration that proposed solutions, like a sovereign wealth fund or strategic acquisitions, have failed to gain sufficient support or faced criticism for centralization. He emphasized his lack of unilateral control over Cardano's governance, treasury, or direction, shifting responsibility to DReps and delegators to choose a clear growth strategy. The livestream concluded with a critique of Cardano's political culture and a discussion of potential extreme measures, including governance reform or even a new chain, if the current structure cannot support builders.

bitcoinist5h ago

Hoskinson Warns Of Cardano ‘Wave of Failures’ After TapTools Shutdown

bitcoinist5h ago

Trading

Spot
Futures
活动图片