Recent events have brought attention to vulnerabilities in cryptocurrency platforms, particularly regarding user security and management of private keys. One notable incident involved tech entrepreneur Austen Allred, whose crypto wallet linked to the Kelly Claude AI assistant was compromised, resulting in the loss of Ether. Interestingly, the attacker did not touch his memecoin holdings, indicating a targeted approach toward specific assets.

Understanding the Incident

Bankr is a platform designed for cryptocurrency trading, allowing users to issue straightforward commands like “swap this token” or “transfer funds” to an AI that executes the transactions. Each user account automatically generates a crypto wallet for interaction with the bot.

This automatic wallet generation feature raised concerns earlier in the year when an individual deceived Grok, another AI tool, into initiating a token launch and siphoned funds into a wallet under their control.

On Tuesday, a similar breach occurred. According to Yu Xian, founder of the blockchain security firm SlowMist, the attack appears to have originated from a social engineering tactic aimed at the AI system itself. This method exploited existing trust between Grok and Bankr, enabling unauthorized transaction approvals.

Xian identified three wallet addresses associated with the perpetrator, collectively holding approximately $440,000 in crypto assets. Additionally, he pointed out that prompt injection—where harmful commands are inputted into an AI to alter its actions—was part of the attack strategy.

Update: We have confirmed that an attacker accessed 14 Bankr wallets.

All transaction activities have been temporarily halted as we investigate the situation. We will reimburse all affected users.

We will provide updates as they become available.

— Bankr (@bankrbot) May 19, 2026

Bankr’s Response and User Safety Measures

In response to the breach, Bankr openly acknowledged the incident on social media, confirming unauthorized access to 14 wallets. As a precaution, the platform suspended all transaction functions—swaps, transfers, and token deployments—while conducting a thorough investigation. Importantly, they pledged to reimburse all affected users.

Bankr advised caution, recommending that users refrain from signing transactions until further notice. Those whose wallets were compromised were urged to stop using those accounts, create a new wallet with a secure seed phrase on an uninfected device, and transfer any remaining assets promptly.

For users unable to transfer their assets, revoking existing transaction approvals was suggested. Further, Bankr raised concerns about potential malware, recommending users inspect their devices for suspicious software or extensions.

The Impact on Users

The financial repercussions of the breach were significant for some users, with reports indicating losses of up to $150,000 from individual wallets. While the total losses across all compromised wallets have not been confirmed, this incident adds to a troubling trend in the crypto sector.

• In the first quarter alone, over $168 million was reportedly stolen in various cyberattacks.
• April saw two of the most significant breaches to date: a $280 million exploit of Drift Protocol and a $292 million breach of Kelp.
• The day prior to the Bankr incident, the Ethereum bridge of Verus Protocol was also reportedly assaulted.

This series of incidents highlights ongoing risks in the cryptocurrency landscape and emphasizes the importance of security awareness among users.

Image sourced from Unsplash, with data visualization from TradingView.