Wallet Compromise on Banana Gun Telegram Bot
Wallets connected with the Telegram bot Banana Gun have been compromised, according to several community reports, resulting in some users’ funds being drained.
“We are investigating the issue, the bot is currently offline,” the Banana Gun team wrote in a pinned message on its official Telegram channel.
Community member yannickcrypto.eth reported on X that there were at least 36 victims, with almost 563 ETH ($1.4 million) stolen. He noted, “I wouldn’t say that Banana Gun itself got hacked, not enough victims.”
In an update posted to X later on Thursday, Banana Gun confirmed that some users had experienced “unauthorized transfers” from their wallets, prompting the team to disable the bot. They stated their back-end systems had not been compromised.
“Only a very small number of users (fewer than 10) were affected. Additionally, the transfers appear to have been executed manually. This leads us to believe the issue may stem from a front-end vulnerability,” the project explained.
The Banana Gun team said the Telegram bot would remain offline while it continues to analyze the root cause, and welcomed any information that could aid the investigation.
Steven Walbroehl, co-founder and CTO of blockchain security firm Halborn, emphasized the risks associated with using such bots.
“Being that Banana Gun is an automated Telegram bot that performs on-chain actions for crypto traders, it is necessary to provide your private keys in order to automate these transactions. Giving up your private key is always the biggest risk you can take with anything related to crypto wallets,” he explained. “The fact that it is a bot that may not react to any suspicious activity done on behalf of user accounts makes it even more dangerous.”
## What is Banana Gun?
Banana Gun operates a Telegram-based trading bot that enables users to execute on-chain transactions and snipe upcoming token launches. The platform has reportedly enabled $6 billion worth of trading volume from nearly 272,000 users, according to its Dune Analytics dashboard.
However, this is not the first time the project has faced difficulties: the launch of its revenue-sharing Banana token last September was botched by a bug in its contract.
Updated with comments from Banana Gun and Halborn.