• Banana Gun will refund 11 users impacted by a $3 million hack, drawing funds from the company treasury without selling tokens.

• The hack exploited a vulnerability in the Telegram message oracle, allowing hackers to drain victims' wallets during interactions.

• Banana Gun has implemented a 2-hour transfer delay and plans to add two-factor authentication to enhance security.

Telegram trading bot Banana Gun has revealed a full refund plan for users affected by a recent $3 million hack. According to the Banana Gun team, the attack impacted 11 users, who will be reimbursed from the Banana Gun Treasury. 

https://twitter.com/BananaGunBot/status/1838660010387116484

The team confirmed that the Ethereum Virtual Machine (EVM) and Solana bots, which were compromised during the breach, are back online with no restrictions other than a 2-hour transfer delay.

Reimbursement from Banana Gun Treasury

The team has reassured affected users that all refunds will come directly from the company’s treasury. Importantly, no tokens will be sold to facilitate the reimbursement process. 

The hack, which targeted experienced crypto traders and influencers, involved the manual draining of victims’ wallets as they interacted with the bot. In response, Banana Gun promptly shut down the EVM and Solana bots to contain the breach.

Details of the Security Breach

According to Banana Gun, the hackers exploited a vulnerability in the Telegram message oracle. This weakness enabled the unauthorized transfers, allowing the attackers to access and drain wallets during real-time interactions. The team has since fixed the vulnerability and introduced enhanced security measures to prevent future incidents.

Security Enhancements and Preventative Measures

In addition to the refund plan, the team has implemented a 2-hour transfer delay on the EVM and Solana bots. The team is also working on integrating two-factor authentication for all future transactions. Moreover, Banana Gun has committed to a full analysis of its front-end and back-end systems to ensure the security of its platform.

Switch to New Servers for Added Protection

As a precaution, Banana Gun has switched to new servers and redeployed its back-end infrastructure. The company has also partnered with third-party security firms, including Web3 security leader Security Alliance, to conduct additional audits on both its Telegram bots and web applications.

The hack, which took place on September 19, closely follows a similar incident involving Indian crypto exchange WazirX, which lost $235 million in a multisig wallet attack. 

Banana Gun’s swift response and commitment to refunding affected users is a step toward rebuilding trust. The additional security measures will likely prevent future breaches, ensuring a safer trading environment for its users.

The post Banana Gun Pledges $3 Million Refund for Hacked Users, Implements New Security Protocols appeared first on Crypto News Land.