After users reported mysterious withdrawals, the Banana Gun team disabled its Telegram bot and confirmed that its code was not exploited.
Banana Gun Team Responds to Security Concerns
An update from the Banana Gun team stated that its back-end was uncompromised, despite reports of unauthorized transactions from user wallets flooding crypto social media. Banana Gun, a Telegram-based bot that allows users to execute quick swaps, remained offline at press time. The team did not provide a timeline for when its tool might be reactivated.
Potential Front-End Vulnerability
Regarding the root cause, the project suggested that a front-end vulnerability was likely the issue. While scant details were disclosed, the teamβs statement implied that the exploit may have originated from Telegram. Although unconfirmed, itβs possible that the ten or so affected users interacted with malicious links. Phishing scammers have launched a deluge of harmful campaigns this year, attempting to steal cryptocurrencies and digital assets from web3 participants.
Community Support and Security Measures
Banana Gunβs team encouraged the public to reach out with helpful information or report further cases. The tool has generated over $35 million in all-time fees, according to DefiLlama, and thousands of users employ its Telegram trading bot.
As we prioritize security, we will keep our bot offline while we investigate the root cause. The amount of support weβve received, particularly from our partners, has been truly heartwarming. If you have any insights that may help us, feel free to send us a direct message here on Twitter.
Banana Gun team update on unpermitted transfers
Today, some users of Banana Gun experienced unauthorized transfers from their wallets. Promptly after the first incident, we immediately switched off the bot and began diligently checking our back-end. We have confirmed that our back-end is not compromised.
Similar Incidents in Decentralized Finance
If Telegram emerges as the issueβs origin, Banana Gun would be the second decentralized finance protocol to suffer a web2-based exploit this week.
On Sept. 18, hackers gained access to the website of Ethena Labs, a synthetic dollar issuer. Similar to the Telegram bot, Ethena paused its website until the issue was resolved.
We’ve worked with the registrar to regain control of our domain and had the phishing domains blocked across various services to protect our users. To reiterate, the protocol is not affected and funds are secure.