The users of the Telegram-based cryptocurrency trading bot Banana Gun have been drained of nearly $2 million worth of digital assets.
Banana Gun enables Telegram users to trade on some of the most popular blockchains like Ethereum, Solana and Base.
However, at least 11 attackers have trained a collective $1.9 million worth of crypto from the Bot’s users, according to onchain security firm Cyvers’ senior SOC lead, Hakan Unal.
He told Cointelegraph:
“It appears that BananaGunBot wallets are being drained. Our system has detected around 11 attackers (potentially more), and approximately $1.9M has been stolen. Hundreds of users have already been affected."
Cyvers shared the 11 attacker addresses exclusively with Cointelegraph.
Banana Gun bot, 11 attacker addresses. Source: Cyvers
The attackers have drained the wallets of at least 36 victims, according to pseudonymous crypto sleuth Yannick Crypto, who wrote in a Sept. 19 X post:
Banana Gun Bot hack. Source: Yannick Crypto
The incident occurred two months after a hacker stole over $230 million from WazirX, an Indian cryptocurrency exchange, in the second-largest cryptocurrency hack of 2024 so far.
Is the Banana Gun Bot hack over?
Despite the lack of information, the attack doesn’t point to a wider smart contract vulnerability, according to Hakan Unal, senior blockchain scientist at Cyvers, who told Cointelegraph:
“Per our investigation so far, it doesn't seem like a contract exploit. It might be small amounts that are being drained from their users.”
The number of victims suggests that the hacker didn’t successfully infiltrate the entire trading bot, only an isolated number of accounts, according to the pseudonymous crypto sleuth, who added:
“There were less than 40 victims out of 10,000+ with probably $100m AUM, also the transaction heuristic doesn’t tell a hack on their site.”
The hack occurred nearly two weeks after the notorious crypto drainer toolkit, Angel Drainer, came back online, with a new and improved version that has already deployed hundreds of malicious apps.
It is unclear whether the Banana Gun Bot incident was related to Angel Drainer.
Are Bitcoin ETFs the next major targets for hackers?
North Korean hackers, including the infamous Lazarus Group, may begin targeting larger objectives, including United States-based Bitcoin (BTC) exchange-traded funds (ETFs).
Hackers could start shifting their attention to the US Bitcoin ETFs due to the sizable potential bounty, according to Michael Pearl, vice president of GTM strategy at onchain security company Cyvers, who told Cointelegraph:
“Only recently the FBI has issued a warning that North Korean hackers are going to try to infiltrate and steal money from ETFs. So, all those ETFs […] are storing the base Bitcoin somewhere. And you can be certain that somebody is already planning and thinking of how they're going to steal it.”
Cyvers’ Michael Pearl, interview with Cointelegraph’s Zoltan Vardai, clip 1. Source: Cointelegraph
Magazine: 2 auditors miss $27M Penpie flaw, Pythia’s ‘claim rewards’ bug: Crypto-Sec