Key Insights:
- Banana Gun bot users lost $1.9 million in crypto, and an ongoing security breach affected at least 36 victims.
- The hack targeted specific user accounts rather than the entire platform, indicating isolated incidents rather than system-wide vulnerabilities.
- This incident follows a trend of large-scale crypto thefts just two months after the WazirX hack that stole $230 million.
Most of the Banana Gun users, a Telegram-based cryptocurrency trading bot, have been defrauded of approximately $2 million worth of digital currencies. In the case that the blockchain security firm revealed Cybers harmed at least 36 victims and had approximately 11 murderers. These attackers emptied wallets used in Banana Gun, which contained different types of assets spread across the Ethereum, Solana, and Base blockchains.
Cyvers ‘Security Operation Center lead Hakan Unal stated that the exploit that has been identified does not appear to be an intelligent contract problem affecting the bot. However, the attack seems random and amorphous, coming in the form of individual accounts. Unal stressed that the investigation is still underway, but he also stated that it does not seem to be a massive attack that targets all the country’s systems.
Victims and Scale of Losses
The anonymous cryptocurrency tracker with the username Yannick Crypto also posted on X (formerly Twitter) to confirm the list of at least 36 accounts that have been hit. He estimated that the attackers got away with $1. 9 million via crypto, and although the Banana Gun user base is significant, the hack affected its users in a very insignificant manner.
This has raised concern that the hackers might have only targeted some of the user accounts instead of the entire platform. This business’s team, including Cyvers, is still working to determine the scale and mechanism of the attack. The author also notes that hundreds of users remain at risk of similar attacks, which makes the bot in question rather unsafe.
The Banana Gun exploit occurred just two months after the WazirX exchange suffered a $230 million theft in the second-largest crypto hack in 2024. This new breach, while smaller, adds to the growing list of crypto thefts in recent months, exposing the vulnerabilities within the space.
Uncertainty Surrounding the Attack’s Cause
Unal admitted that the nature of the attack is still under investigation; however, it doesn’t appear to be the case of employing a general vulnerability such as intelligent contract hacking. A possibility that relates well to the view that the incident was well designed to target certain accounts is that out of the more than ten thousand users who interacted with the bot, few became victims.
The hack happened shortly after the return of the Angel Drainer crypto drainer toolkit, although no direct relationship between the two has been established yet. Security researchers are evaluating whether the same toolkit was involved in the Banana Gun attack. As more crypto bots are launched in the market, the issues of security and reliability of such bots are also escalating due to hackers’ increased sophistication.
Personal Note From MEXC Team
Check out our MEXC trading page and find out what we have to offer! There are also a ton of interesting articles to get you up to speed with the crypto world. Lastly, join our MEXC Creators project and share your opinion about everything crypto! Happy trading! Learn about interoperability now!
Join MEXC and Start Trading Today!