Bankr, the AI-powered crypto trading and agent infrastructure platform built on Coinbase’s Base network, has confirmed a security incident in which an attacker gained access to 14 user wallets. The company acted swiftly by disabling transactions and committing to reimburse all affected users from its treasury.
In an official update posted on X (formerly Twitter) by @bankrbot on May 19, the team stated: “We’ve identified an attacker was able to access 14 bankr wallets. We’ve temporarily locked things down while we work through the details. We will be reimbursing any and all lost funds.” This followed an earlier alert investigating reports of compromised wallets.
update: we’ve identified an attacker was able to access 14 bankr wallets.
we’ve temporarily locked things down while we work through the details. we will be reimbursing any and all lost funds.
will provide more updates as we have them. https://t.co/gVMLexiglT
— Bankr (@bankrbot) May 19, 2026
Background on Bankr and the Incident
Bankr operates as an AI agent platform that allows users and autonomous agents to manage wallets, execute trades, launch tokens, and automate treasury operations. Users interact with it via X, Telegram, CLI, or a terminal interface. The platform emphasizes self-funding agents: users launch tokens, earn trading fees (with a portion subsidizing AI inference costs), and maintain control without exposing private keys directly in many cases. It integrates with third-party wallet providers like Privy.
The breach appears linked to broader vulnerabilities in AI-agent wallet systems. Reports indicate that earlier incidents involved prompt injection style exploits, such as using obfuscated messages (for example, Morse code) or NFTs to expand permissions on connected wallets, tricking AI systems like Grok into authorizing transfers. One notable prior case involved roughly $170,000 to $200,000 in tokens (for example, DRB) being drained from a high-profile wallet.
This incident also comes amid growing concerns around broader crypto wallet security threats, including recent mobile malware campaigns targeting iPhone users. Similar attack trends were recently seen in the Darksword iOS exploit targeting crypto wallets, which demonstrated how attackers are increasingly combining social engineering, malware, and automated systems to compromise digital assets.
One of the compromised addresses publicly highlighted by the Bankr team is 0xb22b90194db0b8e20e7535199b8400a5fb3b081a. The team explicitly warned users: do not send any more funds to this address, as the private key or seed phrase is likely in the hands of an attacker. While the exact method for the 14 wallets is still under investigation, on-chain activity and community reports point to unauthorized transfers on Base. Estimates of total losses hover around $170,000 to $200,000 across the affected accounts. Bankr’s quick response, identifying the scope within hours and locking systems, has been widely praised.
Community and Industry Reaction
The crypto community on X has largely reacted positively to Bankr’s transparency and user-first approach. Many users highlighted the contrast with centralized exchanges or other DeFi projects that often delay or avoid reimbursements. Comments included praise like “Class act,” “This is how it’s done,” and “$BNKR is inevitable,” with users noting the team’s treasury (reportedly holding significant reserves) enabled prompt action.
Not all feedback was uniformly positive. Some users expressed concerns about temporary inaccessibility of funds, potential centralization risks in AI-agent platforms, and questions about long-term security for autonomous wallets. One user asked about urgent fund access, while others sought timelines for restoring services. A few referenced prior unreimbursed incidents, seeking similar treatment.
Prominent voices, including Austen Allred (@Austen), confirmed involvement of associated wallets (for example, KellyClaudeAI) but commended the team’s handling. Community members have also begun tracing attacker addresses on EVM and Bitcoin chains, turning the incident into a collective “manhunt.”
Implications for AI Agents in Crypto
This incident underscores growing risks in the emerging sector of AI agents with on-chain capabilities. As agents gain autonomy to read social posts, interpret instructions, and execute transactions, new attack vectors emerge, ranging from prompt injection and permission expansions to social engineering via NFTs or encoded messages.
Bankr’s model, which ties trading fees to API costs and agent intelligence, has shown strong product-market fit, with top agents generating substantial daily revenue (for example, some exceeding $7,000 per day). However, security remains paramount. The platform uses guardrails, IP whitelisting, and granular permissions, yet the breach highlights that human and AI oversight gaps persist.
Industry observers note that such events could accelerate calls for better standards in AI-crypto integration, including multi-factor approvals for large transfers, enhanced monitoring for anomalous activity, and clearer liability frameworks between users, agents, and platforms.
Bankr’s Response and Next Steps
The team has promised ongoing updates and full restitution. Transactions remain paused as they investigate and implement fixes. Users are advised to monitor official channels (@bankrbot on X) and avoid interacting until services resume. Bankr’s $BNKR token, the platform’s native utility token for subscriptions and ecosystem participation, continues trading on Base.
This event tests but potentially strengthens trust in Bankr. By eating the losses and communicating transparently, the project differentiates itself in a space where hacks often lead to user abandonment. If executed well, it could position Bankr as a more resilient player in agent infrastructure.
What Users Should Do:
- Monitor @bankrbot for restoration announcements.
- Review wallet permissions and connected agents.
- Exercise caution with unsolicited NFTs, encoded messages, or permission requests.
- If you own the address 0xb22b90194db0b8e20e7535199b8400a5fb3b081a or suspect compromise, immediately stop using it, revoke approvals, and move remaining assets to a new wallet.
- Use official Bankr interfaces and enable all available security features.
As the crypto-AI intersection matures, incidents like this serve as critical learning opportunities. Bankr’s proactive stance may set a benchmark for how decentralized finance projects should handle security events, prioritizing users while iterating rapidly on defenses.
