After users reported the mysterious footage, the Banana Gun team disabled the Telegram bot and confirmed that its code had not been exploited.
In an update from the Banana Gun (BANANA) team, it was noted that its backend had not been compromised despite reports of unauthorized transactions from user wallets flooding crypto social media. Banana Gun, a Telegram-based bot that allows users to perform quick swaps, was offline at press time. The team did not provide a timeline for when the tool might be reactivated.
As for the root cause, the project suggested that the issue was likely a front-end vulnerability. While few details were disclosed, the team’s statement hinted that the exploit may have originated from Telegram.
While unconfirmed, it’s possible that as many as ten affected users may have engaged with malicious links. Phishing scammers have launched a series of malicious campaigns this year, attempting to steal cryptocurrencies and digital assets from web3 contributors.
The Banana Gun team encouraged the public to get in touch with helpful information or report more cases. According to DefiLlama, the tool has generated more than $35 million in revenue, an all-time high, and thousands of users are using the Telegram trading bot.
Since we prioritize security, we will keep our bot offline while we investigate the root cause. The amount of support we have received, especially from our partners, has been really heartwarming. If you have any ideas that could help us, feel free to send us a direct message on Twitter.
Banana Gun team update on unauthorized transfers
UPDATE ON BOT STATUS
Today, some users of Banana Gun experienced unauthorized transfers from their wallets. Immediately after the first incident, we shut down the bot and started to carefully monitor our backend.
We have verified that our backend is not…
— Banana Gun 🍌🔫 (@BananaGunBot) September 19, 2024
If Telegram is found to be the source of the problem, Banana Gun will become the second decentralized finance protocol to suffer a web2-based attack this week.
On September 18, hackers gained access to the website of Ethena Labs, which issues synthetic dollars. Similar to the Telegram bot, Ethena also paused the website until the issue was resolved.
We worked with the registrar to regain control of our domain and blocked phishing domains across several services to protect our users.
Again, the protocol has not been affected and funds are safe.
Etena[.]fi remains the only official domain name and we… https://t.co/x7twAcUNGr
— Ethena Labs (@ethena_labs) September 18, 2024
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
Toncoin 
TRON 
Cardano 
Avalanche 
Wrapped stETH 
Wrapped Bitcoin 
Shiba Inu 
WETH 
Chainlink 
Bitcoin Cash 
Polkadot 
Dai 
LEO Token 
Uniswap 
Litecoin 
NEAR Protocol 
Kaspa 
Wrapped eETH 
Sui 
Internet Computer 
Artificial Superintelligence Alliance 
Aptos 
Pepe 
Monero 
First Digital USD 
POL (ex-MATIC) 
Stellar 
Bittensor 
Ethereum Classic 
Stacks 
Ethena USDe 
Immutable 
OKB 
Aave 
Cronos 
Filecoin 
Arbitrum 
Render 
Injective 
Mantle 
Optimism