Last week, the Telegram trading bot Banana Gun faced a major exploit with nearly $3 million in user funds lost. The team has recently announced that all 11 users who suffered losses will get full refunds from its own Treasury. Following the announcement, the BANANA price surged by more than 7% in the last 24 hours.
BANANA Price Surges 7% After Addressing Vulnerabilities
A detailed investigation into the hack, carried out with external security experts, revealed that the hacker exploited a vulnerability in the Telegram message oracle during the recent attack. This exploit led to manual transfers of ETH from users’ wallets, resulting in significant losses.
Thus, the manual nature of the transfers and the in-bot notifications users received during the attack were the root cause of the issue. After addressing the vulnerability, the team has reactivated the bot with enhanced security protocols.
To prevent future incidents, Banana Gun has introduced several mitigation measures:
Firstly, they have implemented a two-hour transfer delay.
They have also added two-factor authentication (2FA) for transfers.
The team has thoroughly reviewed both back-end and front-end systems.
The back end has been redeployed on new servers.
The Telegram trading bot conducted the investigation in collaboration with Security Alliance, a leading web3 security firm.
Upcoming steps include penetration testing and additional audits of the web app and Telegram bots.
Following the refund announcement, the BANANA price jumped 7%, moving past $39.00, with its market cap crossing $133.5 million. With this, it has regained most of last week’s losses.
Crypto hacks have increased recently, especially on the X platform, where OpenAI executive accounts were compromised.
Banana Gun Hackers Targeted Crypto Veterans
Details of the Banana Gun hack revealed that the attackers targeted crypto veterans with strong trading backgrounds or substantial social media presence. This further led to significant losses for the victims.
During the attack, users observed the attackers manually transferring ETH from their wallets in real time, while the users themselves received notifications from the Telegram trading bot. Despite having independent codebases, both the Ethereum Virtual Machine (EVM) and Solana versions of the Telegram-based bot were compromised. The team then quickly managed to shut down the bot, and no further attacks occurred after its deactivation.
However, the Banana Gun EVM and Solana bots are back online and trading activity has been bustling again on the platform.
The post BANANA Price Jumps 7% As Banana Gun Issues Full Refund to Hack Victims appeared first on CoinGape.