A hacker breached 14 crypto wallets on Bankr, the AI-driven trading platform, draining Ether and other assets from users including tech entrepreneur Austen Allred. Allred, whose wallet was linked to the Kelly Claude AI assistant, said his Ether was taken but his memecoin holdings were left untouched. There was no sign of unauthorized login, suggesting the attacker obtained private keys through other means.
How the attack worked
Bankr lets users give plain-language instructions to an AI for trades, automatically creating a wallet for every X account that interacts with its bot. The breach likely involved social engineering and prompt injection, exploiting the trust connection between Grok and Bankrbot to push through unauthorized transaction approvals. Bankr confirmed the attack on X, locked down all transaction activity, and pledged to reimburse all lost funds.
Victims and losses
Users reported losses of up to $150,000 from a single wallet. The total amount stolen across all 14 wallets hasn't been confirmed. Blockchain security firm SlowMist founder Yu Xian identified three wallet addresses linked to the attacker holding a total of $440,000 in crypto. Bankr advised affected users to stop using compromised accounts, set up new wallets with fresh seed phrases on clean devices, and revoke approvals if assets can't be moved.
Not the first time
A similar incident happened earlier in 2026 when someone tricked Grok into telling Bankr to launch a token and then pulled funds into a wallet they controlled. This latest breach adds to a grim quarter: crypto thefts in Q1 2026 exceeded $168 million. In April, Drift Protocol ($280M), Kelp ($292M), and Verus Protocol were also hit.
Bankr hasn't said when transaction activity will resume. With 14 wallets affected and the attacker still holding hundreds of thousands in crypto, the platform's reimbursement pledge faces a test. Users are waiting for a timeline—and for answers on how a system that creates wallets by the hundreds can keep keys safe from social engineering.
