<\/p>\n
Bankr has temporarily disabled transactions after an attacker gained access to 14 wallets, raising new concerns about the security of AI-powered crypto trading agents.<\/strong><\/p>\n <\/p>\n Bankr said<\/a> on X that it had disabled swaps, transfers, and token deployments while investigating reports of compromised wallets. The AI crypto trading assistant said the pause was done \u201cout of caution\u201d as it reviewed the incident.<\/p>\n The team later said it had identified an attacker who accessed 14 Bankr wallets. Bankr wrote, \u201cwe\u2019ve temporarily locked things down while we work through the details,\u201d adding that it would reimburse all lost funds.<\/p>\n <\/p>\n Bankr advised users not to sign transactions until further notice. It also told affected users to stop using compromised wallets, create new wallets, generate new seed phrases on clean devices, and move any remaining tokens or NFTs.<\/p>\n The team also warned users to revoke approvals if assets could not be moved. Bankr said attackers often use existing permissions to drain funds, and asked users to scan computers and phones for malware or suspicious browser extensions.<\/p>\n SlowMist founder Yu Xian said<\/a> the exploit appeared to be a social engineering attack targeting the trust layer between automated agents. He pointed to a possible interaction involving Grok and Bankrbot that allowed unauthorized signing.<\/p>\n Yu added that the case looked like a mix of social engineering and prompt injection. He also said a previous Bankrbot-linked wallet assigned to Grok had been drained through a similar method.<\/p>\n Bankr\u2019s design makes the case more closely watched. A 0x case study describes<\/a> Bankr as a natural language AI trading companion that lets users swap, trade, transfer, and deploy tokens through simple commands inside social feeds or a private terminal.<\/p>\n\n
Users told not to sign transactions<\/strong><\/h2>\n
AI agent attack theory draws attention<\/strong><\/h2>\n