Decentralized finance (DeFi) protocol Banana Gun recently fell victim to an attack resulting in a $3 million loss.
The platform made the announcement on X on Wednesday.
The attack targeted high-profile users, including smart money traders and crypto veterans, exploiting a potential vulnerability in the Telegram message oracle used by the platform.
A total of 11 users were affected, with funds being manually transferred from their wallets while they interacted with Banana Gun’s bots on both EVM and Solana blockchains. The Shib Daily initially reported about this news Friday, back then citing a $1.9 million loss.
“After a thorough investigation by the Banana Gun development team and outside experts, we identified a potential vulnerability in the Telegram message oracle we use, which may have led to the exploit.
After patching this issue, we implemented enhanced security measures and reactivated the bots. This root cause analysis is supported by 1) the nature of the attack (manual transfers rather than a scripted drain) and 2) the fact that victims received in-bot notifications of the transfers” the Banana Gun team said.
Surge in Hacking Activity Raises Alarm as Crypto Theft Soars
A Chainalysis report states that following a 50% decrease in the value of stolen cryptocurrency in 2023 ( compared to 2022) hacking activity has surged this year. The report further states that although illicit activity within the crypto ecosystem is generally declining, two specific categories of crypto crime are defying this trend: stolen funds and ransomware.
These types of crime are frequently carried out by organized groups that employ advanced cyberinfrastructure. In particular, North Korean-linked hacking groups are infamous for orchestrating some of the largest thefts in the industry.
The Shib Daily reported earlier that a suspicious transaction on the cryptocurrency platform Bankroll Status, operating on the BNB Smart Chain (BNB), led to a loss of around $230,000. Preliminary investigations indicate that the infamous DualPools hacker is behind this malicious act.
In a related move, the official X account of Decentraland, a virtual reality platform, was hacked, raising concerns among its user community.
Regarding Banana Gun, the platform has since implemented enhanced security measures, including a 2-hour transfer delay, with plans to add two-factor authentication (2FA) for transfers.
Banana Gun also conducted a comprehensive review of its back-end and front-end systems, redeployed the back-end, switched to new servers, and collaborated with Security Alliance, one of the leading security teams in web3, for further investigation.
Read More
- Another Security Breach: Decentraland X Account Compromised
- Bankroll Status Loses $230K to Hacker
- Crypto September Bloodbath: A Non-Stop Rollercoaster of Hacks and Heists
Gairika holds positions in BTC. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.