- Trending
- Comments
- Latest
Attackers drained approximately $170,000 from wallets on Base on May 19 after allegedly obtaining direct signing access to accounts managed through Bankr, an AI-integrated trading platform, bypassing smart contract protections entirely.
The incident has drawn attention from crypto investors and security researchers because the exploit appears to involve compromised signing permissions rather than a traditional smart contract vulnerability.
Analysts say the case highlights growing risks tied to embedded wallets, AI-driven trading tools, and custodial infrastructure increasingly used in decentralized finance applications.
According to on-chain findings referenced in reports, the first suspicious transfers were detected around 10:58 UTC on May 19.
Attackers allegedly moved approximately 118 million BNKR tokens, valued at nearly $57,000 at the time from a compromised wallet before converting portions of the funds into ETH on Base and bridging assets to Ethereum mainnet.
Blockchain analyst 0xaqt estimated total losses at roughly $170,000 across several affected wallets.
“The attacker had direct signing access to Privy-managed embedded wallets,” — 0xaqt, blockchain analyst.
The report noted that the exploit did not appear to rely on token approvals or smart contract manipulation. Instead, investigators believe attackers may have obtained direct transaction-signing capabilities.
In response, Bankr reportedly paused all transactions at approximately 15:51 GMT while its team investigated the breach and attempted to contain the incident.
The Bankr incident arrives amid a broader wave of wallet-draining attacks affecting users across multiple blockchain ecosystems.
Security researchers and on-chain investigators have increasingly warned that phishing campaigns, compromised signing requests, and embedded wallet vulnerabilities are becoming major attack vectors in crypto markets.
Earlier this month, another reported exploit tied to Bankr’s tooling involved an AI-linked wallet associated with “Grok,” where attackers allegedly used prompt injection techniques to trigger unauthorized token transfers.
That incident reportedly resulted in the movement of billions of DRB tokens worth more than $150,000 before most of the funds were later recovered.
“An AI-linked wallet associated with ‘Grok’ lost 3 billion DRB tokens after a prompt injection attack,” — Crypto Economy report.
The recurrence of attacks linked to AI-assisted wallets has fueled debate among investors about whether convenience-focused wallet infrastructure may be introducing new systemic security risks.
Several community members cited in reports criticized custodial or semi-custodial wallet architectures that abstract private-key management away from users.
The exploit also reflects a broader trend affecting decentralized finance platforms and crypto wallet providers throughout 2025 and 2026.
Investigators including blockchain sleuth ZachXBT have repeatedly warned about coordinated wallet-draining campaigns targeting EVM-compatible chains through phishing links, malicious approvals, and compromised sessions.
Security researchers say many of these attacks exploit user trust rather than flaws in blockchain protocols themselves.
Attackers frequently impersonate legitimate applications, inject malicious prompts, or trick users into authorizing transactions that silently transfer funds.
A recent academic paper examining wallet-targeting malware noted that attackers increasingly rely on social engineering and interface manipulation to bypass user verification systems.
For investors and traders, the Bankr exploit serves as another reminder that operational security remains one of the most critical risks in crypto markets, particularly as AI-integrated financial tools gain traction among retail users.
Bankr has not yet released a full post-mortem detailing the precise attack vector, the total amount lost, or whether affected users will receive compensation.
Copyright © 2025 - The Bit Gazette.
