Telegram Bot ‘Banana Gun’ to Reimburse $3 Million to 11 Hack Victims

Telegram bot Banana Gun was the target of a security compromise by hackers, leading to losses of about $3 million that affected eleven users. Following the breach, the Telegram-based platform has promised to reimburse the scam victims. In addition, it is taking the necessary steps to prevent future cyber heist re-occurrences.

Details of the Security Compromise, Leading to Losses of About $3 Million

Per Banana Gun, the fraudulent actors targeted veteran traders by exploiting a loophole in its Telegram message oracle. Consequently, they compromised the Ethereum Virtual Machine (EVM) and Solana versions of the bot despite both entities operating independently.

The cyber thieves opted for manual token transfers as they moved Ethereum (ETH) from victims' wallets. In addition, the attackers seem to target mostly seasoned investors, underscoring a well-planned move aimed at amassing significant funds from a few persons. Interestingly, while the token shifts happened, affected users received real-time notifications. However, they could do little or nothing to prevent the losses.

Banana Gun’s Timely Response that Helped to Prevent Further Losses

Like every platform with customers' interests as a priority, Banana Gun’s cyber security squad swung into action to stop the malicious actors from wreaking more havoc. First, the team shut down the bot to forestall further losses.

In addition, it began an in-depth investigation in collaboration with relevant external online security experts like the Web3 security firm Security Alliance. The investigations' findings led to the implementation of some standardized precautionary measures.

The implemented security breach prevention steps include the introduction of a two-hour transactional delay. With these innovations, users will have sufficient time to react once they suspect suspicious token transfers.

Additionally, the security team has rolled out a two-factor authentication (2FA) for every transfer on the Telegram bot platform. Programming-wise, the squad reviewed the backend and frontend systems thoroughly. Interestingly, it adopted new servers to avoid leaving a linking trace for the hackers to regain access.

Disclaimer: This article is intended solely for informational purposes and should not be considered trading or investment advice. Nothing herein should be construed as financial, legal, or tax advice. Trading or investing in cryptocurrencies carries a considerable risk of financial loss. Always conduct due diligence before making any trading or investment decisions.

Subscribe to our Newsletter

Join our community and stay up-to-date with the latest news, updates, and exclusive offers by subscribing to our newsletter. Enter your email address below to receive our monthly newsletter directly to your inbox.

pop up image

Experience the Best of Online Payment with Crypto

UPay offers mainstream-friendly access to crypto. Easily buy, swap, make payouts, and manage funds using our crypto card. No cross-border fees.