Banana Gun Announces Full Refund of Losses, Token Surges 7%

Publicado em por

banana-token

Last week, the popular trading bot Banana Gun suffered a major hack. As reported by CriptoFácil, the action caused users of the service to lose a total of US$ 3 million in cryptocurrencies. But this Wednesday (25), the team announced that it will make a full refund to all 11 victims of the attack.

According to the Banana Gun team, the app’s own treasury will reimburse the losses from the action. As a result, the BANANA token saw a strong 7% rise, thus recovering last week’s losses.

Understand the Banana Gun case

In addition to the announcement, the Banana Gun team revealed details about the attack. One such revelation indicates that the attackers targeted cryptocurrency veterans with solid trading experience or substantial social media presence. This led to significant losses for the victims.

During the attack, users observed that the attackers manually transferred Ethereum (ETH) from their wallets in real-time while receiving notifications from the Telegram trading bot. Despite having independent codebases, both the Ethereum Virtual Machine (EVM) and Solana versions of the Telegram-based bot were compromised.

The team then managed to quickly shut down the bot, and no further attacks occurred after its deactivation. However, the Banana Gun EVM and Solana bots are back online and trading activity is once again hectic on the platform.

A detailed investigation into the attack with external security experts reveals that the hacker exploited a vulnerability in Telegram’s messaging oracle. This exploit allowed them to make manual transfers of ETH from users’ wallets, leading to significant losses.

  • Also read: Memecoins to watch in October: SUNDOG, PEPU, Turbo, and Neiro

Step-by-step recovery

Thus, the manual nature of the transfers and the in-bot notifications that users received during the attack were the root cause of the issue. To prevent future incidents, Banana Gun has introduced several mitigation measures into its bot:

  • implementation of a two-hour transfer delay;
  • adding two-factor authentication (2FA) for transfers;
  • complete review of back-end and front-end systems;
  • backend was redeployed on new servers.
  • partnered with Security Alliance, a leading web3 security company, in investigating the attack.

The next steps include penetration testing and additional audits of the Telegram web application and bots. The goal of these actions is to improve the systems and prevent hackers from taking further manual action and causing an attack of this nature again.

  • Also read: EigenLayer allows EIGEN token transfers starting September 30th

The post Banana Gun announces full refund of losses and token rises 7% appeared first on CriptoFacil.