{"id":17267,"date":"2024-09-25T15:42:22","date_gmt":"2024-09-25T12:42:22","guid":{"rendered":"https:\/\/forklog.com\/en\/banana-gun-telegram-bot-to-compensate-3-million-to-hack-victims\/"},"modified":"2024-09-25T15:42:22","modified_gmt":"2024-09-25T12:42:22","slug":"banana-gun-telegram-bot-to-compensate-3-million-to-hack-victims","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/banana-gun-telegram-bot-to-compensate-3-million-to-hack-victims\/","title":{"rendered":"Banana Gun Telegram Bot to Compensate $3 Million to Hack Victims"},"content":{"rendered":"<p>The team behind the trading Telegram bot Banana Gun has confirmed its intention to compensate 11 affected users with $3 million, stolen during a hack on September 19.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">BOT INCIDENT RECAP<\/p>\n<p>First of all, we\u2019re humbled by the incredible bot activity on Banana Gun, even after last week\u2019s incident. Thank you all for your patience and trust. We take this as a testament that we&#8217;re handling the situation properly. As previously mentioned, our EVM and\u2026<\/p>\n<p>\u2014 Banana Gun ?? (@BananaGunBot) <a href=\"https:\/\/twitter.com\/BananaGunBot\/status\/1838660010387116484?ref_src=twsrc%5Etfw\">September 24, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to the developers, the compensation will be made from the project&#8217;s treasury and will not require additional token sales.<\/p>\n<p>An investigation involving external experts identified a potential vulnerability in the Telegram message oracle used by Banana Gun.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe root cause analysis is confirmed, firstly, by the nature of the attack (manual transfers, not a script) and the fact that victims received notifications of transfers in the bot,\u201d the developers reported.<\/p>\n<\/blockquote>\n<p>The attack targeted Smart Money traders and seasoned crypto market veterans, known in the community for their experience and media presence.<\/p>\n<p>The incident affected both EVM and Solana bots, which have separate code bases and operate independently.<\/p>\n<p>Currently, the Banana Gun team has resolved the issue and reactivated the bots. For security reasons, transfers are now executed with a two-hour delay.<\/p>\n<p>The developers plan to implement two-factor authentication for data transmission and conduct an audit of web applications and Telegram bots.<\/p>\n<p>Despite the incident, activity on Banana Gun has resumed. According to <a href=\"https:\/\/dune.com\/whale_hunter\/banana-gun-bot\">Dune Analytics<\/a>, at the time of writing, the cumulative trading volume exceeded $6.3 billion from more than 278,000 users.<\/p>\n<p>Back in September, the bot&#8217;s developers confirmed \u201cunauthorized transfers\u201d from the wallets of a limited number of users. Initially, external experts estimated the damage at $1.9 million.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The team behind the trading Telegram bot Banana Gun has confirmed its intention to compensate 11 affected users with $3 million, stolen during a hack on September 19. BOT INCIDENT RECAP First of all, we\u2019re humbled by the incredible bot activity on Banana Gun, even after last week\u2019s incident. Thank you all for your patience [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17266,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,723,1290],"class_list":["post-17267","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-telegram","tag-trading-bots"],"aioseo_notices":[],"amp_enabled":true,"views":"46","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/17267","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=17267"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/17267\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/17266"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=17267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=17267"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=17267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}