Key Takeaways:
- Banana Gun, a Telegram-based crypto trading bot, lost $3 million due to a vulnerability exploited by 11 attackers.
- The platform has committed to fully reimbursing affected users from its treasury, without selling any tokens.
- Security measures, including transfer delays and two-factor authentication, have been implemented as bots resume operation.
Banana Gun, a cryptocurrency trading bot on Telegram, suffered a $3 million loss due to a vulnerability exploited by 11 attackers.
Initially, it was thought that 36 users lost $2 million in Ether (ETH), but further investigation confirmed 11 users were affected, with total losses reaching $3 million.
The platform temporarily disabled its Ethereum Virtual Machine (EVM) and Solana bots after users noticed unauthorized transfers on September 19.
The attackers targeted experienced traders by exploiting a vulnerability in a Telegram message oracle, allowing them to manually transfer ETH from wallets.
Banana Gun has committed to fully reimbursing the affected users from its treasury without selling any tokens.
Security measures, including a transfer delay and two-factor authentication, were implemented, and the bots were reactivated.
This incident occurred shortly after a $5 million hack involving the Shezmu protocol, where the attacker returned most of the stolen funds.