Users of the popular Telegram-based cryptocurrency trading bot, Banana Gun, have fallen victim to a significant hack that resulted in the theft of over $1.9 million in digital assets. The incident, first reported on September 19, has affected at least 36 victims, though the exact number may be higher as investigations continue.
The Banana Gun bot, designed to facilitate cryptocurrency trades across major blockchains like Ethereum, Solana, and Base, was compromised by at least 11 attackers, according to on-chain security firm Cyvers. Hakan Unal, Senior Security Operation Center lead at Cyvers, confirmed the breach, stating:
It appears that BananaGunBot wallets are being drained. Our system has detected around 11 attackers, and approximately $1.9 million has been stolen.
The security breach marks one of the more notable hacks in the cryptocurrency industry in recent months. While the attack has impacted a relatively small number of users—less than 40 out of Banana Gun’s user base of over 10,000—the financial loss is significant. In total, the attackers drained over 500 Ether (ETH), valued at $1.9 million.
Unclear Cause of the Breach
Despite the scale of the attack, there is no evidence that the bot’s smart contract itself was compromised. This leaves room for speculation that the attack could have been the result of phishing or a security loophole elsewhere in the system.
The incident has raised questions within the cryptocurrency community about the security of automated trading tools. Banana Gun, which allows users to trade with features such as auto-sniping, limit orders, and manual swaps, has been widely used since its launch due to its convenience and claims of robust security against market manipulation tactics like MEV bots.
Response from Banana Gun
In response to the hack, the Banana Gun team acknowledged the issue on its Telegram channel, informing users that the bot is currently offline while investigations are underway.
We are investigating the issue; the bot is currently offline,
This isn’t the first setback for Banana Gun. In 2023, the bot’s native ERC-20 token, BANANA, faced a failed launch due to a bug in its smart contract. Despite these challenges, Banana Gun has remained one of the leading Telegram-based trading bots, facilitating over $6 billion in trading volume for nearly 272,000 users, according to Dune Analytics.