• Banana Gun will refund 11 users impacted by a $3 million hack, drawing funds from the company treasury without selling tokens.  
  • The hack exploited a vulnerability in the Telegram message oracle, allowing hackers to drain victims’ wallets during interactions.  
  • Banana Gun has implemented a 2-hour transfer delay and plans to add two-factor authentication to enhance security. 

Telegram trading bot Banana Gun has revealed a full refund plan for users affected by a recent $3 million hack. According to the Banana Gun team, the attack impacted 11 users, who will be reimbursed from the Banana Gun Treasury. 

BOT INCIDENT RECAP

First of all, we’re humbled by the incredible bot activity on Banana Gun, even after last week’s incident. Thank you all for your patience and trust. We take this as a testament that we're handling the situation properly. As previously mentioned, our EVM and…

— Banana Gun 🍌🔫 (@BananaGunBot) September 24, 2024

The team confirmed that the Ethereum Virtual Machine and Solana bots, which were compromised during the breach, are back online with no restrictions, except for a 2-hour transfer delay.

Reimbursement from Banana Gun Treasury

The team has reassured affected users that all refunds will come directly from the company’s treasury. Importantly, no tokens will be sold to facilitate the reimbursement process. 

The hack, which targeted experienced crypto traders and influencers, involved the manual draining of victims’ wallets as they interacted with the bot. In response, Banana Gun promptly shut down the EVM and Solana bots to contain the breach.

Details of the Security Breach

According to Banana Gun, the hackers exploited a vulnerability in the Telegram message oracle. This weakness enabled the unauthorized transfers, allowing the attackers to access and drain wallets during real-time interactions. The team has since fixed the vulnerability and introduced enhanced security measures to prevent future incidents.

Security Enhancements and Preventative Measures

In addition to the refund plan, the team has implemented a 2-hour transfer delay on the EVM and Solana bots. The team is also working on integrating two-factor authentication for all future transactions. Moreover, Banana Gun has committed to a full analysis of its front-end and back-end systems to ensure the security of its platform.

Read CRYPTONEWSLAND on google news

Switch to New Servers for Added Protection

As a precaution, Banana Gun has switched to new servers and redeployed its back-end infrastructure. The company has also partnered with third-party security firms, including Web3 security leader Security Alliance, to conduct additional audits on both its Telegram bots and web applications.

The hack, which took place on September 19, closely follows a similar incident involving Indian crypto exchange WazirX , which lost $235 million in a multisig wallet attack. 

Banana Gun’s swift response and commitment to refunding affected users is a step toward rebuilding trust. The additional security measures will likely prevent future breaches, ensuring a safer trading environment for its users.

disclaimer read more

Crypto News Land, also abbreviated as "CNL", is an independent media entity - we are not affiliated with any company in the blockchain and cryptocurrency industry. We aim to provide fresh and relevant content that will help build up the crypto space since we believe in its potential to impact the world for the better. All of our news sources are credible and accurate as we know it, although we do not make any warranty as to the validity of their statements as well as their motive behind it. While we make sure to double-check the veracity of information from our sources, we do not make any assurances as to the timeliness and completeness of any information in our website as provided by our sources. Moreover, we disclaim any information on our website as investment or financial advice. We encourage all visitors to do your own research and consult with an expert in the relevant subject before making any investment or trading decision.