- Banana Gun to refund $3M to 11 users impacted by a vulnerability in its Telegram message oracle.
- The attack targeted well-known crypto traders, leading to manual ETH transfers from affected wallets.
- Enhanced security measures implemented, including a 2-hour transfer delay and upcoming 2FA for transfers.
Telegram trading bot Banana Gun recently revealed the details of a security breach that led to $3 million in losses for 11 affected users.
According to the team, the attack exploited a potential vulnerability in the Telegram message oracle, resulting in unauthorised Ethereum transfers from the wallets of impacted users. All those affected will receive full refunds from the platform’s treasury, and no tokens will be sold for reimbursements.
The attack primarily targeted crypto veterans and smart money traders, many of them well-known figures within the cryptocurrency community.
The attacker manually transferred Ethereum from victims’ wallets while they were actively using the bot, with notifications received in real time through the platform’s system.
Despite this breach, the Banana Gun team has praised the resilience of its user base, noting continued bot activity even after the incident.
Although they run on separate codebases, both Banana Gun’s Ethereum Virtual Machine (EVM) and Solana bots were affected. However, no further attacks occurred following the bots’ temporary shutdown.
An investigation conducted by the Banana Gun development team, alongside third-party security experts, identified the Telegram message oracle as the source of the vulnerability.
The platform has rolled out several new security measures to prevent future incidents. A two-hour transfer delay has been implemented, and two-factor authentication (2FA) will be added soon for all transactions.
Additionally, the back-end infrastructure has been redeployed with new servers, and a comprehensive review of both front-end and back-end systems has been completed.
Banana Gun has also partnered with the Security Alliance, a leading security firm in the Web3 space, to conduct further audits and penetration testing.