Banana Gun promises to refund $3 million stolen from impacted users

Quick Take

  • Banana Gun confirmed it will refund 11 users impacted by a $3 million exploit of the Telegram bot last week.
  • The team said it had identified a potential vulnerability in the Telegram message oracle Banana Gun uses, which may have led to the exploit.

Banana Gun promised to refund 11 users affected by a $3 million exploit of wallets last week.

“All impacted users will be fully refunded from the Banana Gun treasury, with no tokens being sold for reimbursements,” the team posted on X late Tuesday.

Banana Gun operates one of the industry’s leading Telegram-based trading bots. It enables users to execute on-chain transactions and snipe upcoming token launches and has generated over $6.3 billion worth of trading volume from nearly 279,000 users.

Community members first highlighted the attack last Thursday, with Banana Gun confirming that some users had witnessed "unauthorized transfers" from their wallets. The incident prompted the team to switch off the Ethereum Virtual Machine and Solana bot, though it claimed its back-end systems were not compromised.

"Only a very small number of users (fewer than 10) were affected. Additionally, the transfers appear to have been executed manually. This leads us to believe the issue may stem from a front-end vulnerability," the project said at the time.

That number turned out to be 11 users, with the attack targeting “smart money” traders and crypto veterans who are “not easy to scam,” Banana Gun said on Tuesday, adding that the targets were known in the space due to their social presence or trading expertise.

“After a thorough investigation by the Banana Gun development team and outside experts, we identified a potential vulnerability in the Telegram message oracle we use, which may have led to the exploit,” the team stated.

The bots returned online after the issue was patched last Friday, and no attacks have occurred since the shutdown. Mitigations include a two-hour transfer delay, adding two-factor authentication for transfers and audits of the back-end and front-end systems.


Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

James Hunt is a reporter at The Block and writer of The Daily newsletter, keeping you up to speed on the latest crypto news every weekday. Prior to joining The Block in 2022, James spent four years as a freelance writer in the industry, contributing to both publications and crypto project content. James’ coverage spans everything from Bitcoin and Ethereum to Layer 2 scaling solutions, avant-garde DeFi protocols, evolving DAO governance structures, trending NFTs and memecoins, regulatory landscapes, crypto company deals and the latest market updates. You can get in touch with James on Telegram or 𝕏 via @humanjets or email him at [email protected].

Editor

To contact the editor of this story:
Vishal Chawla at
[email protected]