Bankr: Attacker Accessed 14 Wallets on AI Trading Platform

Bankr confirmed that an attacker accessed 14 user wallets on its AI-powered crypto trading platform, temporarily halted transactions and pledged to reimburse any lost funds. The company first flagged unauthorized access on May 19 and moved to lock accounts and pause activity to prevent further movement of funds.

The platform runs an AI agent that executes buy, sell, swap and limit orders in response to natural-language text commands and can manage on-chain balances. Bankr posted instructions for affected users and began a forensic investigation into the breach.

In one exchange described by the company, the AI agent informed a user that their BNKR and USDC balances on the Base network were already zero and noted that confirmed on-chain transactions cannot be reversed. Bankr emphasized that finalized on-chain transfers cannot be undone.

Bankr’s recovery guidance for affected users instructs them to stop sending funds to compromised addresses, generate new seed phrases on devices free of malware, cancel any open spend permissions and scan personal computers and browser extensions for malware or rogue plugins. The company also advised users to treat the incident as active while investigators continue their work and to follow updates from Bankr’s official account.

In a post on its official account, Bankr wrote: “we’ve identified an attacker was able to access 14 bankr wallets. we’ve temporarily locked things down while we work through the details. we will be reimbursing any and all lost funds. will provide more updates as we have them.” The firm has not published technical details about how the attacker gained access, which specific wallets were affected beyond the total count, or whether the breach involved the AI agent, user credential theft, or a third-party integration.

Data tracked by DefiLlama shows May recorded 14 separate hacks across decentralized finance protocols, and total stolen crypto in 2026 has passed $800 million. Security professionals have warned that services combining automated agents and on-chain controls can increase attack surfaces if keys, permissions or client devices are compromised.

Bankr said it will provide more information as the investigation progresses and encouraged affected users to await further communication about reimbursements and technical findings.