Bankr, an artificial intelligence-powered crypto trading assistant, announced on Tuesday that it had temporarily disabled all transactions after identifying an attacker who gained access to at least 14 user wallets. The platform said it took the step out of caution while it investigates the breach, which has led to reports of funds being drained—some users claim losses as high as $150,000 per wallet.

In a post on social media platform X, Bankr stated: "We've identified an attacker was able to access 14 Bankr wallets. We've temporarily locked things down while we work through the details. We will be reimbursing any and all lost funds. Will provide more updates as we have them." The company also disabled swaps, transfers, and deployments to prevent further unauthorized transactions.

Social engineering attack on AI agents

SlowMist founder Yu Xian analyzed the exploit and said it appeared to be a social engineering attack targeting the trust between automated agents—specifically Grok and Bankrbot. According to Xian, the attacker manipulated the interaction between these AI agents to trick Bankrbot into signing unauthorized transactions. He noted that the three identified attacker addresses collectively hold around $440,000 in crypto.

"It was a social engineering exploit targeting the trust layer between automated agents—specifically an interaction between Grok and Bankrbot that allowed unauthorized transaction signing," Xian explained. He added that this was similar to previous prompt injection exploits where wallet-related assets allocated by Bankrbot to Grok were stolen.

Impact on users and immediate response

Bankr allows users to prompt an AI to trade, transfer, and launch tokens using plain language rather than a standard wallet interface. It automatically creates a crypto wallet for every X handle that interacts with its bot. This convenience, however, appears to have opened up a new attack vector that the hacker exploited.

Tech entrepreneur Austen Allred reported that a Bankr wallet connected to his Kelly Claude AI assistant project was among those compromised. The hacker stole Ether (ETH) but left the project's memecoin stash untouched. Allred said: "There's no evidence anyone other than myself ever logged into the Bankr account; they must have accessed the keys some other way."

Bankr has recommended that users avoid signing any transactions until further notice. For those whose wallets were affected, the platform advised: stop using the compromised wallet, create a new wallet and generate a fresh seed phrase on a clean device (one that is not connected to the internet or has been scanned for malware), move any remaining tokens or nonfungible tokens (NFTs) to the new address, and revoke approvals on any existing assets that cannot be moved.

Broader context of crypto hacks

The incident comes amid a string of high-profile crypto hacks in 2026. In the first quarter alone, bad actors stole over $168.6 million in crypto. April witnessed the two largest hacks of the year so far: the $280 million Drift Protocol exploit and the $292 million Kelp exploit. More recently, the Verus Protocol's Ethereum bridge was exploited, causing significant losses. These repeated attacks highlight the ongoing vulnerabilities in the decentralized finance ecosystem, particularly where smart contracts and AI agents are involved.

The Bankr hack also echoes an earlier incident earlier this year, when someone reportedly exploited Bankr's feature that automatically creates a wallet for every X handle. The attacker tricked Grok into requesting that Bankr launch a token, then drained funds from that token into a wallet they controlled. This pattern of social engineering and prompt injection suggests that AI-powered platforms are increasingly becoming targets for sophisticated attackers.

Security recommendations for users

Security experts advise crypto users to always use hardware wallets for significant holdings and to avoid linking AI agents to wallets that contain large amounts of funds. Additionally, users should regularly revoke token approvals, enable two-factor authentication where possible, and be wary of any unsolicited requests that bypass normal verification processes. The Bankr incident serves as a reminder that even trusted AI tools can be manipulated if their underlying security frameworks are not robust.

Bankr has promised to reimburse all lost funds, which may help restore confidence among its user base. However, the full extent of the damage is still unknown. As the investigation continues, the crypto community waits for more details on how the attacker managed to access so many wallets and whether the platform's security has been permanently strengthened to prevent future breaches.

The use of AI in crypto trading is still relatively new, and incidents like this are likely to spur further scrutiny from regulators and security researchers. Until more secure protocols are developed, users must take extra precautions when granting any automated system access to their cryptographic keys.

Source: Cointelegraph News