Bankr (Bankrbot AI) — Agent Trust-Layer Exploit (14 wallets) — May 19, 2026
14
victims identified on this incident
Are you a victim? → Join the group (coming soon)
Facts and investigation
FreeAttacker: 3 Base addresses identified by SlowMist (Yu Xian @evilcos, 20 May 2026), cumulative profits >$440K: 0x5430D25C9Ec5D06BfAECdd6845c433fb6Ce05f8D + 0x04439150B4704E16C6D7A33F14ACaa35a62924Ab + 0x8b0c451d617a360d15fe2223a550dddb96d1126d
Funds moved to: ~$440K in ETH and tokens consolidated on the 3 attacker wallets on Base. Bankr paused all transactions at ~11:00 UTC on 19 May 2026 to prevent further losses. No Tornado Cash routing or cross-chain bridging reported as of 23 May 2026.
3 attacker addresses on Base (verifiable on-chain via BaseScan). 14 compromised Bankr user wallets (auto-generated for each X handle). Vector: compromise of the trust layer between Grok (xAI) AI agents and Bankrbot, NOT the smart contract. Direct link with breach #1 on 4 May 2026 ($175K DRB on Grok wallet via Morse code prompt injection).
Timeline: On 19 May 2026 at ~06:00 UTC, Bankr detected unauthorized transfers from 14 Bankr-managed user wallets. The attacker exploited the trust layer between Grok (xAI) and Bankrbot via inter-agent prompt injection / social engineering (second incident after the 4 May 2026 one on the Grok wallet / DRB). Verbatim quote from Bankrbot (@bankrbot tweet 19 May): 'we've identified an attacker was able to access 14 bankr wallets. we've temporarily locked things down while we work through the details. we will be reimbursing any and all lost funds.' At ~11:00 UTC: Bankr paused all transactions (swaps, transfers, token deployments). On 20 May 2026 at 04:10 UTC, Yu Xian (SlowMist co-founder) published on X (@evilcos) the 3 attacker addresses verbatim with Bankrbot quote: 'it was a social engineering exploit targeting the trust layer between automated agents—specifically an interaction between grok and bankrbot that allowed unauthorized transaction signing.' Yu Xian also confirmed: 'Previously, the wallet-related assets allocated by Bankrbot to @grok were also stolen through a similar combo (prompt injection exploitation)' — confirming the direct link with the 4 May breach #1. Bankr publicly committed to reimburse all lost funds from its treasury (>$3M reserves per SlowMist Hacked). Second Bankr incident in 15 days — same bug class exploited at scale (14 wallets vs 1). AI agent permission-chain abuse: systemic pattern across all bots integrating Grok / Claude / GPT with signing authority.
Sources and coverage
Free- Articlex.comhttps://x.com/evilcos/status/2056905298787582417
- Articlex.comhttps://x.com/bankrbot/status/2056824330999533747
- Articlebasescan.orghttps://basescan.org/address/0x5430D25C9Ec5D06BfAECdd6845c433fb6Ce05f8D
- Articlebasescan.orghttps://basescan.org/address/0x04439150B4704E16C6D7A33F14ACaa35a62924Ab
- Articlebasescan.orghttps://basescan.org/address/0x8b0c451d617a360d15fe2223a550dddb96d1126d
- Articlecointelegraph.comhttps://cointelegraph.com/news/bankr-disables-transactions-after-14-wallets-hacked
- Articlecryptotimes.iohttps://www.cryptotimes.io/2026/05/20/bankr-breach-exposes-ai-crypto-wallet-after-attacker-accessed-14-wallets/
- Articleyellow.comhttps://yellow.com/news/bankr-halts-14-wallets-150k-ai-attack
- Articlehacked.slowmist.iohttps://hacked.slowmist.io/
- Articlebitcoinist.comhttps://bitcoinist.com/crypto-ai-platform-bankr-locks-down-system-after-hacker-breaches-14-crypto-wallets/
Victim testimonies
FreeNo testimonies yet.
+ Add my testimony → (coming soon)