The Banana Gun team temporarily disabled its Telegram bot following a wave of reports regarding unauthorized user wallet transactions but confirmed that its code was not compromised.
Reports of Unauthorized Transactions
Amid reports of unauthorized transactions from user wallets, the Banana Gun team stated that their back-end had not been compromised. The Telegram bot for quick swaps remains offline. The team did not give a timeline for when the tool might be reactivated.
Possible Vulnerability Causes
It is assumed that the vulnerability might be related to the front-end. The team implied that the problem source might be tied to Telegram, as web3 participants have encountered massive phishing campaigns this year.
Overall DeFi Sector Situation
If the vulnerability is indeed linked to Telegram, Banana Gun would be the second DeFi protocol suffering from a web2-based exploit this week. Previously, the Ethena Labs website was also hacked, leading to a temporary suspension until the issue was resolved.
The Banana Gun team continues to investigate the incident, urging users to share helpful information or report new cases. Despite the incident, the project has generated over $35 million in fees and has thousands of users.
Comments