Banana Gun update: Under 10 users affected, bot secure

As a seasoned analyst with over two decades of experience in the tech and crypto industries, I have witnessed countless incidents of vulnerabilities exploited by malicious actors. The recent events surrounding Banana Gun and Ethena Labs are no exception to this rule.


Upon receiving reports of puzzling transactions from our users, I, as part of the Banana Gun team, temporarily deactivated our Telegram bot for safety measures. Subsequent investigations have revealed that there was no breach or exploitation in our code.

According to the latest news from the Banana Gun team, their back-end system has not been breached, despite numerous allegations of unapproved transactions occurring in user wallets across various crypto platforms on social media. At this moment, Banana Gun – a bot operating within Telegram that facilitates swift swaps – remains deactivated. The team has yet to disclose an estimated time for when the tool will be operational again.

The team’s proposed explanation is that a weakness in the front-end could be the cause. Although specifics weren’t shared, the team hinted that the potential attack might have stemmed from Telegram.

It is speculated that some of the several impacted users may have encountered harmful links. This year, phishing fraudsters have flooded the internet with dangerous campaigns, aiming to swindle cryptocurrencies and digital assets from users in the web3 community.

Banana Gun’s team invites everyone to share useful insights or report additional instances. So far, the platform has amassed more than $35 million in total transaction fees, as reported by DefiLlama. Moreover, countless individuals make use of its Telegram trading bot.

To ensure safety, we’ll temporarily take our bot out of service while we uncover the underlying issue. The outpouring of assistance from all of you, especially our partners, has been incredibly touching. If you have any suggestions that might be helpful, don’t hesitate to reach out to us directly through this Twitter account.

Banana Gun team update on unpermitted transfers

UPDATE ON BOT SITUATION

Today, some users of Banana Gun experienced unauthorized transfers from their wallets. Promptly after the first incident, we immediately switched off the bot and began diligently checking our back-end.

We have confirmed that our back-end is not…

— Banana Gun 🍌🔫 (@BananaGunBot) September 19, 2024

If it’s found that the problem started with Telegram, then Banana Gun will become the second decentralized finance project this week to experience an exploit of web2 origin.

On September 18th, hackers managed to infiltrate the website of Ethena Labs, a company that produces synthetic dollars. Much like the Telegram bot, Ethena temporarily halted its site while dealing with this security concern.

We collaborated with the registrar to retake ownership of our website domain and prevented phishing sites from operating on multiple platforms to safeguard our users.

Just to clarify, the system functioning is unaltered and your funds remain secure.

At this time, ethena[.]fi remains the sole official site and we will…

— Ethena Labs (@ethena_labs) September 18, 2024


2024-09-19 20:06