Several community reports suggest that wallets connected to the Telegram bot Banana Gun have been compromised, with some users reporting the loss of funds.
"We are investigating the issue. The bot is currently offline," the Banana Gun team stated in a pinned message on their official Telegram channel.
According to a community member, yannickcrypto.eth, who posted on X, "It seems there are already 36 victims, with almost 563 ETH ($1.4 million) stolen 'so far' on the mainnet. However, I wouldn't say Banana Gun itself got hacked—there aren’t enough victims."
In an update on X later Thursday, Banana Gun confirmed that some users experienced "unauthorized transfers" from their wallets, prompting the team to take the bot offline. However, they emphasized that their back-end systems were not compromised.
"Only a very small number of users (fewer than 10) were affected," the project clarified. "Additionally, the transfers seem to have been executed manually, leading us to believe the issue might stem from a front-end vulnerability."
As the Banana Gun team continues to investigate the root cause, they have kept the Telegram bot offline and are actively seeking any information that could assist in their inquiry.
Following the news of the hack, the price of BANANA suffered a massive blow with an 8% drop within the first hour. The token is currently trading around $39.90.
Banana Gun Bot hack over?
Despite the lack of information, the attack doesn't point to a wider smart contract vulnerability, according to Hakan Unal, senior blockchain scientists at Cyvers, who told Cointelegraph:
"Per our investigation so far, it doesn't seem like a contract exploit. It might be small amounts that are being drained from their users."
With the number of affected victims, some are speculating that the hackers failed to infiltrate the entire trading bot, and only an isolated number account.
The hack happened just two weeks after the reemergence of notorious crypto phising app Angel Drainer with a new and improved version that has already deployed hundreds of malicious apps.
But it remains unclear whether Angel Drainer could have orchestrated the Banana Gun bot hack.
What is Banana Gun?
Banana Gun operates a Telegram-based trading bot that allows users to execute on-chain transactions and snipe upcoming token launches.
This is not the first challenge the project has faced. Last September, a botched launch of the revenue-sharing Banana token occurred due to a bug in its smart contract.
According to its Dune Analytics dashboard, the platform is a leading player in the industry, facilitating over $6 billion in trading volume across nearly 272,000 users.
Despite its popularity, the recent security break has sparked debates about the safety of using automated trading tools in the crypto industry.