$BANANA

First, despite the unfortunate incident last week, the bot activity on the Banana Gun platform remains high, which we are deeply sorry for and would like to express our sincere gratitude for everyone's patience and continued trust. We view this recovery as a positive validation of our crisis management capabilities. As previously reported, our EVM and Solana bots are now fully operational again without any restrictions, the only difference is the addition of a 2-hour transaction delay.

This incident affected 11 users in total, with a cumulative loss of $3 million. In response, Banana Gun has promised to provide a full refund from its treasury to all affected users, ensuring that no tokens will be sold to make up for the losses.

Specific details of the attack:

The attack precisely targeted experienced currency traders and veterans in the cryptocurrency field, who are usually highly vigilant and knowledgeable, but still fell victim to the attack. The victims were all "famous" figures in the industry, whose fame may be due to social influence or trading skills. While interacting with the bot and receiving notifications, the victim witnessed the attacker manually transferring ETH directly from their wallet. The attack affected both our EVM and Solana bot systems, which are run independently and have independent code bases. It is worth noting that no new attacks have occurred since the bot service was suspended.

After in-depth analysis, the Banana Gun development team and external security experts confirmed that a potential security vulnerability in the Telegram message oracle was most likely the entry point for this attack.

To completely resolve the issue and prevent similar incidents in the future, we have taken a series of enhanced security measures:

✓ Introduced a 2-hour transaction delay mechanism

✓ Plans to add two-factor authentication (2FA) to the transfer function are currently in the implementation stage

✓ Conducted a comprehensive review and reinforcement of the platform's front-end and back-end systems

✓ Completed the back-end redeployment and migrated to a new server environment

✓ Worked with the Security Alliance, a top organization in the field of Web3 security, to conduct an in-depth investigation of the incident