Banana Gun Developers Share Details Of Telegram Bot Hack

On September 19, members of the crypto community reported the alleged hacking of the Banana Gun trading bot and the theft of funds. The developers of the service confirmed "unauthorized transfers" from the wallets of a limited number of users.

UPDATE ON BOT SITUATION

Today, some users of Banana Gun experienced unauthorized transfers from their wallets. Promptly after the first incident, we immediately switched off the bot and began diligently checking our back-end.

We have confirmed that our back-end is not…
— Banana Gun (@BananaGunBot) September 19, 2024

According to them, after the first incident, the team disabled the bot and began a thorough check of the backend.

"We have confirmed that our backend is not compromised. Both the router and the database were thoroughly checked, and only a very small number of users (less than 10) were affected," Banana Gun said.

Since the transfers were made manually, this presumably indicates a vulnerability in the frontend.

"We will keep our bot offline while we investigate the root cause," the team added.

The developers did not specify the amount of damage.

According to Dune Analytics, Banana Gun is one of the industry's leading Telegram-based trading bots with a trading volume of over $6 billion from nearly 272,000 users.

Amid the first reports of the alleged hack, the BANANA token reacted with a drop of more than 10%.

At the time of writing, its price has won back a drawdown of 5.7%. According to CoinGecko, the coin is trading at $40.64.

Recall that in November, the trading volume of Banana Gun exceeded $16 million.
 
The team of the Banana Gun trading Telegram bot has confirmed its intention to reimburse 11 affected users for $3 million stolen as a result of the hack on September 19.

BOT INCIDENT RECAP

First of all, we’re humbled by the incredible bot activity on Banana Gun, even after last week’s incident. Thank you all for your patience and trust. We take this as a testament that we're handling the situation properly. As previously mentioned, our EVM and…
— Banana Gun (@BananaGunBot) September 24, 2024

According to the developers, payments will be made from the project's treasury and this will not require an additional sale of tokens.

An investigation involving external experts revealed a potential vulnerability in the Telegram message oracle used by Banana Gun.

"The root cause analysis is confirmed, firstly, by the nature of the attack (manual transfers, not a script) and the fact that victims received notifications about transfers in the bot," the developers said.

The attack was aimed at Smart Money traders and crypto market veterans, known in the community for their experience and media presence.

The incident affected EVM and Solana bots, which have separate codebases and work independently.

For now, the Banana Gun team has fixed the issue and reactivated the bots. For security reasons, transfers are made with a two-hour delay.

The developers plan to introduce two-factor authentication for data transfer, as well as audit web applications and Telegram bots.

Despite the incident, activity resumed at Banana Gun. According to Dune Analytics, at the time of writing, the cumulative trading volume has exceeded $6.3 billion from more than 278,000 users.
 