Bankr confirmed that an attacker accessed 14 wallets on its AI-powered crypto trading platform this week, forcing the exchange to halt all transactions as a precaution. The company pledged to reimburse affected users, but recovery on the blockchain side is limited — a Bankr agent told one user their BNKR and USDC balances on Base were already at zero, and confirmed on-chain transactions cannot be reversed.
Inside the breach
Bankr's platform is an unusual entry in the crowded crypto exchange space: it executes buy, sell, swap, and limit orders via natural-language text commands. The attacker specifically targeted 14 wallets, though the company hasn't said how long the access lasted or what vulnerability was exploited. Bankr halted withdrawals shortly after discovering the compromise and published recovery guidance urging users to stop sending funds to compromised addresses, generate fresh seed phrases on clean devices, cancel open spend permissions, and scan for malware or rogue browser extensions.
What users heard
One user who contacted Bankr support received a blunt update: their balances were already zero and the on-chain transfers were final. The exchange didn't sugarcoat it — confirmed blockchain transactions can't be rolled back. That message underscores a hard reality even for platforms that promise AI-driven convenience: once funds move, the chain doesn't forget. Bankr has promised to reimburse victims, but hasn't detailed the timeline or method.
A brutal stretch for DeFi
May 2026 has already logged 14 separate hacks across decentralized finance protocols, according to DefiLlama. This is Bankr's first major incident, but the broader picture is grim — total crypto stolen in 2026 has now passed $800 million. The tally keeps climbing, and for exchanges like Bankr, the pressure to secure AI-integrated platforms is growing fast.
Bankr has not set a date for when reimbursements will begin. For now, users are left following the security checklist — and hoping the next text command they send isn't their last.
