Bankr wallet exploit hits 14 wallets—company shuts down and pledges $150K

A Bankr wallet exploit has put fresh pressure on one of crypto’s more experimental products after a malicious user gained access to 14 wallets tied to the AI-powered assistant. Bankr responded by temporarily shutting down operations, investigating the breach, and saying it would reimburse victims for losses totaling $150,000.

The incident lands at an uncomfortable moment for AI-driven crypto tools. Bankr is built around a simple pitch: users can tell an automated assistant to trade, transfer, and launch tokens using plain language. That convenience can make crypto easier to use. However, it can also create a new kind of security problem when trust shifts from manual wallet controls to automated agents.

For affected users, the guidance was immediate and blunt. Stop using the compromised wallet, create a new one, cancel approvals, and monitor devices. Bankr warned that the attacker may already have obtained a private key or seed phrase.

Bankr says 14 wallets were accessed

The central facts of the breach are clear. Bankr said a malicious user accessed 14 Bankr wallets and that it temporarily disabled operations after the attack.

It also committed to paying back victims for losses of $150,000, giving users an early sign that the company is trying to contain both financial damage and reputational fallout.

That matters because Bankr is not just another wallet app. It is an AI crypto trading assistant that automates actions many users would normally perform manually. When a service like that suffers a breach, the concern is not limited to a few isolated accounts. Instead, it raises broader questions about how safely automated systems handle wallet access and transaction execution.

How the Bankr wallet exploit may have worked

Bankr has not publicly detailed the exact attack path, but its guidance to users points to the seriousness of the compromise. The team said victims should stop using the compromised wallet right away because the attacker could already have the private key or seed phrase.

Users were also told to:

• Create a new wallet
• Cancel approvals
• Keep an eye on their devices

Those steps suggest the threat may extend beyond a single bad transaction. In crypto, once wallet credentials or approvals are exposed, attackers can continue to drain funds or trigger follow-on activity if users do not move quickly.

Why Bankr’s model is getting extra scrutiny

Part of the attention around the Bankr wallet exploit comes from how the service works. Rather than using a traditional wallet interface, Bankr allows users to instruct AI to trade, transfer, and launch tokens through plain-language prompts.

It also automatically generates a cryptocurrency wallet for each X handle that interacts with its bot.

That design lowers friction, which is one reason AI crypto trading assistant products have drawn interest. But it also introduces a more complex trust chain. A user is no longer just trusting a wallet and a signature flow. They are trusting how an AI agent interprets instructions, how linked systems communicate, and whether automated actions can be manipulated.

As a result, the breach matters beyond Bankr itself. If crypto services keep moving toward conversational interfaces, then wallet security may increasingly depend on defending not only keys and devices, but also prompts, agent behavior, and machine-to-machine interactions.

Grok prompt injection and the wider security concern

SlowMist founder Yu Xian described the incident as a social engineering exploit, framing it as more than a routine wallet compromise.

“It was a social engineering exploit targeting the trust layer between automated agents—specifically an interaction between grok and bankrbot that allowed unauthorized transaction signing.”

He also pointed to what he said was a similar pattern seen before.

“It seems like a combo of social engineering exploits targeting Grok + Bankrbot. Previously, the wallet-related assets allocated by Bankrbot to @grok were also stolen through a similar combo (prompt injection exploitation).”

That link to Grok prompt injection is one reason the story is resonating across crypto security circles. Even without a fully disclosed technical breakdown, the suggestion is that attackers may be targeting the logic layer around AI systems, not just trying to brute-force wallets in the old-fashioned way.

What the Bankr hacked wallets episode means now

For users, the immediate impact is practical: compromised wallets should be abandoned, approvals need to be reviewed, and new wallets should be created where necessary.

For the industry, the Bankr hacked wallets episode is a warning that AI convenience can compress security assumptions. A tool that makes crypto easier to operate through natural language may also make it easier for attackers to exploit trust between systems if safeguards are not strong enough.

That is the bigger story here. Crypto has long dealt with wallet theft, phishing, and smart contract exploits. AI-driven products may now be adding another attack surface, one where social engineering and automated execution collide.

Bankr’s reimbursement pledge may help calm users in the short term. However, the harder test will be whether AI-first crypto platforms can prove they can keep automation from becoming the weakest point in the wallet stack.