Crypto AI Platform Bankr Locks Down System After Hacker Breaches 14 Crypto Wallets

bitcoinistPublicado a 2026-05-20Actualizado a 2026-05-20

Resumen

Crypto AI trading platform Bankr has locked down its system after a hacker breached 14 user wallets. The attack, which targeted wallets automatically created via interactions with Bankr's AI bot on X, appears to be a social engineering scheme exploiting the platform's connection with Grok. Security experts suspect the use of "prompt injection" to manipulate the AI into approving unauthorized transactions. Losses from individual wallets reached as high as $150,000, with a total of $440,000 identified in three attacker-controlled addresses. Tech entrepreneur Austen Allred was among the victims. Bankr has halted all transactions, pledged full reimbursement for lost funds, and advised affected users to set up new wallets and transfer any remaining assets. This incident follows a series of major crypto exploits in recent months.

Tech entrepreneur Austen Allred was among the victims. His wallet, tied to a project called Kelly Claude AI assistant, was drained of Ether — though the hacker left his memecoin holdings untouched. Allred said there was no sign anyone else had logged into his Bankr account, suggesting the attacker got to the private keys through other means.

How The Attack Unfolded

Bankr is a crypto trading tool that lets users send plain-language instructions — like “swap this token” or “transfer funds” — to an AI that carries out the trades.

The platform also creates a crypto wallet automatically for every X account that interacts with its bot.

That feature had already drawn attention earlier this year, when someone reportedly tricked Grok into telling Bankr to launch a token, then pulled funds from it into a wallet they controlled.

Tuesday’s incident appears to follow a similar pattern. Yu Xian, founder of blockchain security firm SlowMist, said the breach was likely a social engineering scheme aimed at the AI agent.

ETHUSD now trading at $2,129. Chart: TradingView

According to Xian, the attacker exploited the trust connection between Grok and Bankrbot to push through unauthorized transaction approvals.

He identified three wallet addresses linked to the attacker that together held $440,000 in crypto.

Xian also pointed to prompt injection as part of the method — a technique where malicious instructions are fed to an AI to manipulate its behavior.

Bankr Pledges Full Reimbursement

Bankr confirmed the breach in a post on X, saying it had identified an attacker who accessed 14 wallets. The platform said it shut down all transaction activity — swaps, transfers, and token deployments — while the investigation continues. It also pledged to cover all losses.

Users were warned not to sign any transactions for now. For those with wallets already hit, Bankr told them to stop using the affected accounts entirely, set up a new wallet with a fresh seed phrase on a clean device, and transfer any remaining tokens or NFTs out immediately.

If assets can’t be moved, revoking existing approvals was advised. Bankr also flagged the possibility of malware, urging users to check their computers and phones for suspicious software or browser extensions.

What Users Lost

Some users reported losing as much as $150,000 from a single wallet. The exact total across all 14 breached wallets has not been confirmed.

The attack adds to a rough stretch for the crypto space. Bad actors stole more than $168 million in the first quarter of the year.

April brought two of the biggest hits so far — a $280 million exploit of Drift Protocol and a $292 million breach of Kelp.

Just a day before the Bankr incident, the Ethereum bridge of Verus Protocol was also reportedly hit.

Featured image from Unsplash, chart from TradingView

Preguntas relacionadas

QWhat is Bankr and how does it function as described in the article?

ABankr is a crypto trading tool that allows users to send plain-language instructions, like 'swap this token' or 'transfer funds', to an AI which then carries out the trades. The platform also automatically creates a crypto wallet for every X (formerly Twitter) account that interacts with its bot.

QAccording to the article, what was the likely method used by the attacker to breach the Bankr wallets?

AAccording to Yu Xian, founder of SlowMist, the breach was likely a social engineering scheme aimed at the AI agent. The attacker exploited the trust connection between Grok and Bankrbot to push through unauthorized transaction approvals, and prompt injection—feeding malicious instructions to manipulate the AI's behavior—was part of the method.

QWhat actions did Bankr take in response to the security breach?

ABankr confirmed the breach, identified that an attacker accessed 14 wallets, and temporarily shut down all transaction activity including swaps, transfers, and token deployments while investigating. They pledged to reimburse all lost funds and warned users not to sign any transactions.

QWhat advice did Bankr give to users whose wallets were affected by the hack?

ABankr advised affected users to stop using the compromised accounts entirely, set up a new wallet with a fresh seed phrase on a clean device, and immediately transfer any remaining tokens or NFTs out. If assets couldn't be moved, they advised revoking existing approvals and checking devices for malware or suspicious software/extensions.

QBesides the Bankr incident, what other major crypto exploits were mentioned as part of a 'rough stretch' for the crypto space?

AThe article mentions that bad actors stole over $168 million in Q1 of the year. In April, there were two major exploits: a $280 million exploit of Drift Protocol and a $292 million breach of Kelp. Just a day before the Bankr incident, the Ethereum bridge of Verus Protocol was also reportedly hit.

Lecturas Relacionadas

Ripple’s RLUSD Lands In Mastercard’s Stablecoin Settlement Expansion

Mastercard is expanding its stablecoin settlement capabilities, adding Ripple's RLUSD alongside other regulated stablecoins like USDC and PYUSD. This move allows issuers and acquirers to settle card transactions using digital assets on various blockchains, including Ethereum, Solana, and the XRP Ledger. The enhancement introduces intraday, weekend, and holiday settlement options, aiming to provide more flexibility, especially for cross-border payments and treasury operations. Mastercard positions this as a network-level addition that complements existing processes, with initial support focused on the US and Latin America. Ripple views RLUSD's inclusion as validation for regulated stablecoins in institutional payment infrastructure, highlighting the growing demand for faster, always-on settlement.

bitcoinistHace 3 min(s)

Ripple’s RLUSD Lands In Mastercard’s Stablecoin Settlement Expansion

bitcoinistHace 3 min(s)

Fei-Fei Li's Team Clarifies the Concept of 'World Models', Sora Merely a Renderer

"World Models" has become a widely used yet confusing term in AI. To address this, a team led by Fei-Fei Li and World Labs proposed a functional taxonomy based on the Partially Observable Markov Decision Process framework. This taxonomy categorizes systems called "world models" into three distinct projections: Renderers, Simulators, and Planners. Renderers, like OpenAI's Sora and other video generation models, focus on producing photorealistic visual outputs for human perception. They prioritize visual fidelity over physical accuracy. Simulators, such as NVIDIA Omniverse, aim to compute precise future environmental states for computational tasks like engineering analysis or digital twins. Planners, like Vision-Language-Action models, take in observations and goals to output executable actions for robots or agents. The article clarifies that most current "world models," including Sora, are primarily Renderers. They generate convincing visuals but lack the core ability to simulate state transitions based on actions, a key requirement for a true world model in classic reinforcement learning definitions. This conceptual confusion has practical implications, leading to potential misalignment in technology selection, investment, and public understanding of AI capabilities. Clear categorization is crucial. It helps enterprises avoid costly mistakes (e.g., using a renderer for robot training), allows investors to accurately assess markets, and enables researchers to build comparable benchmarks. While future systems may integrate these functions, recognizing current boundaries is essential for honest assessment and progress.

marsbitHace 21 min(s)

Fei-Fei Li's Team Clarifies the Concept of 'World Models', Sora Merely a Renderer

marsbitHace 21 min(s)

From Web3 to AI Agent: Veteran Crypto VC Variant Bets $300 Million on Pivot

Variant Fund has announced the launch of Variant 4, a new $222 million early-stage venture fund. Its investment thesis has evolved from "digital ownership" to a broader theme of "sovereignty," focusing on technologies that enhance user agency—the control individuals have over their lives, assets, and identity. The firm distinguishes between mere automation and systems that genuinely empower users, emphasizing that the key question is who ultimately benefits: the user or the platform. This new framework encompasses Variant's existing investments in areas like public blockchains (Ethereum, Solana), developer infrastructure, decentralized finance (e.g., Uniswap), and consumer applications. It also informs recent early bets on projects such as Honcho (for self-custodial AI agent memory), Octet (cryptographic verification of physical location), and here.now (an "agent cloud" for owning and composing generative content). Variant's core mission remains to back founders building technologies that expand user sovereignty, moving towards an internet where users possess unprecedented agency rather than being the product.

marsbitHace 26 min(s)

From Web3 to AI Agent: Veteran Crypto VC Variant Bets $300 Million on Pivot

marsbitHace 26 min(s)

Solana Explosive Growth Pushes Its Monthly Perps Volume Beyond Prior Records

Despite bearish market conditions and price volatility, Solana is demonstrating significant strength in its derivatives market. The network's monthly perpetual futures volume has surged to a new record, exceeding $76.7 billion in May 2026—a 34% increase from the previous high. This growth reflects heightened speculative activity and trader engagement. Analysts note that perpetual contracts are becoming crucial financial primitives, with Solana positioning itself as a network for genuine on-chain price discovery and execution. Concurrently, Solana is experiencing a massive increase in stablecoin activity, processing over $79.9 billion in stablecoin volume in one week, underscoring its role as a major hub for on-chain liquidity and transactions.

bitcoinistHace 34 min(s)

Solana Explosive Growth Pushes Its Monthly Perps Volume Beyond Prior Records

bitcoinistHace 34 min(s)

Bloomberg Uncovered: How Do China's Wealthy Circumvent the Annual $50,000 Limit to Transfer Assets?

**Summary: How Wealthy Chinese Circumvent $50,000 Annual Foreign Exchange Limits** Despite China's strict capital controls, including an annual $50,000 per person foreign exchange quota, an estimated $150 billion in funds still leaves the country annually via various gray and underground channels. This report outlines the evolution of China's "capital wall" and the methods used to bypass it. **The Evolving Capital Controls:** * **Foundation (1994):** The system of "current account convertibility with strict capital account controls" was established. * **Quota Set (2007):** The $50,000 individual annual forex purchase limit was formalized. * **Crackdown Begins (2015-2017):** Following market volatility, enforcement tightened. Banks were required to scrutinize transactions, and channels like using UnionPay cards for Hong Kong insurance premiums or buying overseas property were blocked. * **Digital & Legal Upgrades (2024-2026):** Enhanced algorithms now flag suspicious patterns (e.g., "smurfing"). The Common Reporting Standard (CRS) provides Chinese tax authorities with data on citizens' offshore accounts. Unlicensed cross-border brokers have been targeted. **Five Primary Methods for Moving Capital:** 1. **Underground Banking / "Hawala" (Duiqiao):** The largest-scale method. No money crosses borders. Clients pay RMB to a domestic account; an overseas associate deposits equivalent foreign currency into the client's offshore account. Risks include high fees, account freezes, and legal penalties. 2. **"Smurfing" or "Ant Moving":** Using multiple individuals' $50,000 quotas to pool funds for one offshore recipient. Increasingly detected by anti-money laundering algorithms. 3. **Trade Invoice Manipulation:** Businesses over-invoice imports or under-invoice exports via offshore shell companies, creating a pretext to transfer excess funds abroad under the guise of trade. 4. **Channel Migration:** After a crackdown on internet brokers, funds flow toward more compliant but costly channels like major banks' cross-border wealth management services or Qualified Domestic Institutional Investor (QDII) quotas. 5. **Structural Arrangements:** High-net-worth individuals use complex, high-cost legal structures involving offshore trusts, insurance, and investment migration programs to transfer asset ownership. **Regulatory Response: Focusing on People, Not Just Money** The current strategy extends oversight from enterprises to **individual residents**. Tools like CRS allow retroactive visibility into offshore assets. Cryptocurrencies, once seen as a potential loophole, are now actively monitored and prosecuted as an illegal channel. The underlying driver remains: with significant wealth concentrated among millions of affluent households seeking diversification amid domestic economic shifts, the incentive to move assets offshore persists despite regulatory barriers.

marsbitHace 40 min(s)

Bloomberg Uncovered: How Do China's Wealthy Circumvent the Annual $50,000 Limit to Transfer Assets?

marsbitHace 40 min(s)

Trading

Spot
Futuros
活动图片