- Banana Gun recently announced a full refund for the 11 users affected by a $3 million wallet exploit.
- The team asserted that all reimbursements would come directly from the Banana Gun treasury and not from token sales.
- “All impacted users will be fully refunded from the Banana Gun treasury, with no tokens being sold for reimbursements,” the team stated on X.
Learn about the emerging exploit dealt with by Banana Gun, and how the trading bot giant plans to safeguard its users moving forward.
Banana Gun Ensures Full Refund for Users Post $3 Million Exploit
The prominent Telegram-based trading bot, Banana Gun, faced a significant security issue last week when an exploit resulted in unauthorized wallet transfers affecting 11 users. The company has committed to refunding these users entirely from its treasury, emphasizing that no tokens will be sold to fund the reimbursements. This statement was officially communicated via X on Tuesday night.
Details of the Exploit and Immediate Actions Taken
Community members first noticed the exploit last Thursday, which Banana Gun later confirmed. Affected users experienced unauthorized transactions from their wallets, prompting the team to temporarily deactivate their Ethereum Virtual Machine and Solana bot services. The company assured its users that its core systems remained uncompromised, citing the issue as likely originating from a front-end vulnerability. The swift response involved an immediate shutdown and subsequent investigation.
Identified Vulnerability and Improved Security Measures
The exploit, which particularly targeted experienced traders known within the community, was traced back to a potential vulnerability in the Telegram message oracle used by Banana Gun. Following a thorough investigation with the aid of external experts, the vulnerability was identified and patched by last Friday, with no further incidents reported thereafter. The company has since introduced additional security measures, including a two-hour transfer delay, two-factor authentication for transactions, and comprehensive audits of both front-end and back-end systems.
Conclusion
Banana Gun’s proactive measures and transparency in handling the exploit reflect its commitment to user security and trust. By providing full refunds and implementing stringent new security protocols, the company aims to reassure its user base and prevent future incidents. The effectiveness of these measures in the long-term will be crucial in maintaining their standing as a reliable trading bot in the crypto space.