Telegram bot Banana Gun to absorb $3M loss from hack
The Telegram-based cryptocurrency trading bot Banana Gun has announced it will refund users who collectively lost $3 million in a recent hack carried out by 11 attackers.
On Sept. 19, certain Banana Gun users reported unauthorized outbound transfers from their crypto wallets. The revelation forced Banana Gun to temporarily switch off its Ethereum Virtual Machine (EVM) and Solana bots to avoid further losses.
Crypto trading bots facilitate automated trades, often used by crypto traders to optimize profitability.
While initial investigations suggested that 36 users were affected by the attack and lost nearly $2 million worth of Ether ( ETH ), Banana Gun’s post-mortem report revealed a higher value of loss with fewer casualties.
Source: Banana Gun
“A total of 11 users were affected, with $3M drained. All impacted users will be fully refunded from the Banana Gun treasury, with no tokens being sold for reimbursements,” the bot firm stated.
Vulnerability within Telegram message oracle
Unlike hackers that usually prey on novice investors, the Banana Gun attacker targeted seasoned crypto traders and was able to manually transfer ETH from their wallets while the trading bots were in use.
Manual unauthorized transfers and in-bot notifications of the transfers led Banana Gun to suspect that the hacker exploited a vulnerability within a Telegram message oracle.
Related: Indian crypto exchange WazirX struggles to recover funds 60 days after hack
After patching the vulnerability, Banana Gun restarted EVM and Solana bots and implemented security measures to prevent further fund drains. Measures include a two-hour transfer delay, two-factor authentication for transfers, and a thorough review of systems, among others.
Negotiating with hacker
On Sept. 21, the hacker that stole $5 million from leveraging yield protocol Shezmu returned most of its stolen funds after accepting a white hat bounty.
Source: Shezmu
Shezmu found that one of its ShezmuUSD (ShezUSD) stablecoin vaults was exploited, and the hacker requested that 90% of the stolen funds be returned within 24 hours through an onchain message.
Within hours, Shezmu began receiving the stolen Dai ( DAI ) tokens in its wallet. The hacker initially returned 282.18 Ether ( ETH ) to the protocol and followed it up with another refund of 137 Wrapped Ether (WETH).
Magazine: Lady of Crypto will be ‘all out of crypto’ by September 2025: X Hall of Flame
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
MARA's stock jumps after raising $1 billion via convertible notes to buy more bitcoin
MARA Holdings announced the successful closing of its $1 billion offering of 0% convertible senior notes due 2030.The bitcoin miner plans to allocate around $199 million of the proceeds to repurchase $212 million in principal of its existing convertible notes due 2026. The remaining funds will be used to acquire more bitcoin.
Gold loses luster as institutional demand fuels bitcoin price surge, analysts say
Bitcoin’s 46% surge over the past month, contrasted with gold’s 3% decline, highlights a shifting investor preference toward alternative store-of-value assets, analysts say.Derivatives traders are buying up bitcoin call options ahead of Trump’s inauguration, signaling strong bullish sentiment for the beginning of 2024.
SEC is 'engaging' Solana ETF applicants: report
SEC “engaging” on Solana ETF applications, sparking optimism for potential approval in 2025.VanEck, 21Shares, and Bitwise lead Solana ETF filings amid pro-crypto White House hopes.SOL token rises 4.6% to $247.91, bolstered by Solana’s strong DeFi ecosystem and demand.
Shiba Inu Developer Says SHIB Is No Longer a Memcoin
Trending news
MoreCrypto prices
More
