Last week, the Telegram trading bot Banana Gun suffered a significant attack, resulting in the loss of approximately 3 million dollars of user funds. The team announced that the 11 affected users would receive a full refund from their treasury. Following this announcement, the price of BANANA rose by over 7% in the last 24 hours.
Price Increase After Security Flaws Were Closed
A detailed investigation into the attack, along with evaluations from external security experts, revealed that the hacker exploited a security flaw in the Telegram message oracle. This exploitation led to manual transfers of ETH from users’ wallets, resulting in considerable losses.
Banana Gun Strengthens Its Security
The company indicated that manual transfers during the attack and notifications sent to users via the bot were fundamental causes of the issues. After addressing the security vulnerability, the team re-enabled the bot and enhanced security protocols.
Targets and Consequences
Details of the Banana Gun hack revealed that the attackers targeted crypto veterans with strong trading histories or significant social media presence. This resulted in substantial losses for the victims. During the attack, users observed that the attackers were manually transferring ETH from their wallets in real-time and received notifications from the Telegram trading bot. Despite their independent code bases, both the EVM and Solana 
$219 versions of the bot were compromised. The team quickly shut down the bot, and no further attacks occurred after its deactivation.
However, the EVM and Solana bots of Banana Gun came back online, and trading activity on the platform intensified once again.
Users can protect their accounts by implementing additional security measures, such as two-factor authentication. Such security steps may help prevent potential attacks in the future.
