Bankr freezes transactions after 14-wallet breach

Bankr said on May 20 that it froze transactions after an attacker accessed at least 14 wallets tied to its AI-powered crypto assistant, adding to scrutiny of tools that let users trade or move tokens through chat-style commands. The company said it paused swaps, transfers and token deployments while it investigated the breach and reviewed the incident. (beincrypto.com) Bankr also said it would reimburse affected users for stolen funds. Reports on Tuesday said users had flagged missing funds before the company confirmed the number of wallets affected. ### Why did Bankr shut down transactions so quickly? Bankr said the shutdown was a precaution after reports of compromised wallets began to surface on May 20. (beincrypto.com) The company disabled core transaction functions while it investigated how the attacker gained access and whether additional wallets were at risk. Cointelegraph reported that Bankr’s platform automatically creates a crypto wallet for each X account that interacts with its bot, which helps explain why a wallet compromise raised broader concerns about platform controls and signing flows. BeInCrypto and other outlets said the service uses natural-language prompts to execute trading actions. (beincrypto.com) ### What is actually confirmed about the breach? The confirmed number so far is 14 wallets. Bankr said an attacker accessed 14 wallets and that users who lost funds would be made whole, according to multiple reports citing the company’s public statements. (cointelegraph.com) The value of losses is less settled. Cointelegraph reported some users said they lost as much as $150,000 in crypto, while Crypto Times said blockchain investigators traced attacker-controlled wallets holding more than $440,000 after the incident. Those figures come from reporting and on-chain tracing, not from a full Bankr accounting. (cointelegraph.com) ### How did attackers get in? The likely attack path appears to involve social engineering. Crypto Times and The Merkle both reported that Bankr linked the breach to a sophisticated social-engineering attempt, though a full forensic explanation had not been published. (beincrypto.com) Other reporting pointed to suspicious prompts and signing behavior. Bankr warned users not to sign prompts or transactions they did not trust while the investigation was ongoing, according to Cointelegraph-linked summaries and follow-up reports. That warning suggests the company was focused on user authorization flows as a possible part of the breach. (cointelegraph.com) ### What were users told to do next? Bankr told affected users to stop using compromised wallets and seek support, according to reports published on May 20. Follow-up guidance cited by Coinalertnews said users should create new wallets with fresh seed phrases on clean devices, move any remaining assets, and revoke token approvals. (cryptotimes.io) Those steps are standard containment measures after wallet compromise. Revoking approvals can limit further token drains, and moving assets to a newly created wallet can reduce exposure if a device session or key material has been compromised. (binance.com) ### What is the unresolved question now? The main open issue is when Bankr will restore transactions. Reports published on May 20 said the freeze would remain in place pending investigation and forensic review, and no public timeline for resuming normal operations was cited in the coverage reviewed here. (coinalertnews.com) The next concrete milestone is Bankr’s own incident update. As of the May 20 reports, the company was still investigating, transactions were still disabled, and reimbursement for affected users had been promised but not yet publicly detailed. (beincrypto.com) (coinalertnews.com)