hodler

7 May 2026, 08:10

SlowMist Reports $174K AI Agent Exploit on Base Chain Highlights Trust Model Flaws

BitcoinWorld SlowMist Reports $174K AI Agent Exploit on Base Chain Highlights Trust Model Flaws Blockchain security firm SlowMist has uncovered an on-chain asset theft on the Base network, resulting in the loss of three billion DRB tokens valued at approximately $174,570. The incident, detailed in a recent Medium blog post, exposes critical vulnerabilities in the trust model between artificial intelligence agents and automated trading systems. How the Exploit Unfolded According to SlowMist’s investigation, the attacker manipulated the AI model Grok on X (formerly Twitter) by inputting a command encoded in Morse code. An automated trading agent named Bankr, designed to execute Grok’s natural language outputs, interpreted the prompt as a legitimate transfer instruction and withdrew the DRB tokens from the Base chain. The so-called ‘Grok Wallet’ used in the exploit was not owned by xAI but was a custodial wallet automatically generated by Bankr for trading operations. Core Vulnerability: Direct Mapping of AI Outputs SlowMist pinpointed the root cause: Bankr directly mapped Grok’s natural language output into an executable transfer command without sufficient verification of the user’s identity or intent. Additionally, high-risk permissions were granted simply by activating a membership feature. The firm emphasized that Grok itself does not hold private keys and was not the direct executor of the on-chain transaction; rather, it was exploited as a tool to trigger the transfer. Implications for AI and Blockchain Integration This incident underscores the growing risks as AI agents increasingly interact with blockchain protocols. The lack of robust verification layers between AI outputs and financial actions creates a new attack surface. Security experts warn that similar exploits could become more common unless platforms implement stricter permission controls, multi-factor authentication, and intent verification mechanisms. Funds Recovery and Bug Bounty Following negotiations between the hacker and the victim, approximately 80–88% of the stolen funds were returned in USDC and ETH. The remaining portion was treated as an unofficial bug bounty, a common practice in the crypto space to encourage responsible disclosure. SlowMist did not disclose the identity of the victim or the hacker. Conclusion The SlowMist report serves as a critical case study for the cryptocurrency and AI industries. As automated trading agents become more sophisticated, the trust model between AI outputs and financial execution must be redesigned with security as a foundational principle. Without such safeguards, the convergence of AI and blockchain could lead to further costly exploits. FAQs Q1: What was the total value stolen in the Base chain exploit? The attacker stole three billion DRB tokens, valued at approximately $174,570 at the time of the incident. Q2: How did the hacker manipulate the AI agent? The hacker input a command in Morse code to Grok on X, which the Bankr trading agent misinterpreted as a legitimate transfer instruction, leading to the unauthorized withdrawal. Q3: Was the Grok wallet owned by xAI? No. The wallet was a custodial wallet automatically generated by Bankr for trading, not owned or controlled by xAI. This post SlowMist Reports $174K AI Agent Exploit on Base Chain Highlights Trust Model Flaws first appeared on BitcoinWorld .

7 May 2026, 06:56

Hackers steal $5.9 million in ETH and WBTC from trusted volumes

🛑 $5.9 million in ETH, WBTC, and stablecoins was stolen through a security breach in Trusted Volumes. The attacker exploited a critical flaw in signature verification, bypassing key checks. 🔎 Key point: Experts warn that regular security audits are essential in $ETH DeFi platforms to prevent similar attacks. Continue Reading: Hackers steal $5.9 million in ETH and WBTC from trusted volumes The post Hackers steal $5.9 million in ETH and WBTC from trusted volumes appeared first on COINTURK NEWS .

7 May 2026, 06:16

Aave recovers 90 percent of stolen ETH after $293M hack

🚨 Aave has recovered 90 percent of stolen ETH in the $293 million Kelp DAO hack. 💡 Only 10 percent of targeted assets await recovery, driven by community votes and legal action. ⚡ Critical point: Market confidence is rebounding as total value locked in $ETH rises again. Continue Reading: Aave recovers 90 percent of stolen ETH after $293M hack The post Aave recovers 90 percent of stolen ETH after $293M hack appeared first on COINTURK NEWS .

7 May 2026, 05:50

Hackers Drain Nearly $6 Million in ETH and BTC from Trusted Volumes

Trading protocol Trusted Volumes falling victim to a catastrophic smart contract exploit.

7 May 2026, 05:08

Aave liquidates Kelp DAO hacker's rsETH positions on Ethereum, Arbitrum

Galaxy Digital’s Thaddeus Pinakiewicz noted that Aave is now only 10% short of recovering from the bad debt that hit its lending protocol after the Kelp DAO hack.

7 May 2026, 03:55

Man sentenced to 6.5 years for stealing 100 BTC in home invasion tied to $250 million crypto theft ring

BitcoinWorld Man sentenced to 6.5 years for stealing 100 BTC in home invasion tied to $250 million crypto theft ring A 20-year-old man who admitted to physically stealing approximately 100 Bitcoin during a home invasion in Texas has been sentenced to six and a half years in federal prison. The sentence, handed down on May 6, 2025, in Washington, D.C., is part of a broader crackdown on a sophisticated social engineering ring that stole over $250 million in cryptocurrency from victims across the United States. Inside the criminal operation Marlon Ferro, who operated online under the alias “GothFerrari,” pleaded guilty to Racketeer Influenced and Corrupt Organizations (RICO) conspiracy charges in October 2024. According to court documents, the organization operated from late 2023 to early 2025, with operational bases in California, New York, and Florida. The group used a combination of database hacking, impersonation phone calls, money laundering, and targeted home invasions to access and steal cryptocurrency from victims. Ferro’s specific role was to physically obtain cold wallets—offline cryptocurrency storage devices that cannot be accessed remotely. In February 2024, he broke into a victim’s home in Texas and stole approximately 100 Bitcoin, valued at over $5 million at the time. The stolen funds were later used to purchase more than $255,000 in luxury goods, including high-end clothing and jewelry. Funds used to pay legal fees for ringleader In a revealing detail about the group’s internal structure, Ferro also converted some of the stolen cryptocurrency into cash to cover legal fees for the ringleader, who had been arrested in September 2024. This indicates a coordinated effort to protect the operation’s leadership even as members faced prosecution. In addition to the prison sentence, the court ordered three years of supervised release and $2.5 million in restitution. The case underscores the growing sophistication of crypto theft rings that combine digital hacking skills with physical violence or intimidation. Why this case matters for crypto users This case highlights a critical vulnerability for cryptocurrency holders: cold wallets, while secure against remote hacking, remain susceptible to physical theft. The sentencing serves as a warning that law enforcement is increasingly capable of dismantling complex criminal networks that operate across state lines and use both digital and physical methods to steal assets. The RICO charges also signal that prosecutors are willing to apply organized crime statutes to crypto theft rings, potentially leading to longer sentences and more aggressive investigations. Conclusion The sentencing of Marlon Ferro marks a significant step in holding accountable those who use home invasions to steal cryptocurrency. As the value of digital assets continues to attract organized criminal attention, this case reinforces the need for holders to adopt multi-layered security strategies that include both digital protections and physical safeguards for their assets. FAQs Q1: What is a cold wallet? A cold wallet is a physical device or offline storage method used to hold cryptocurrency private keys, making it inaccessible via the internet and thus more secure from remote hacking. Q2: Why was Ferro charged under RICO laws? RICO laws allow prosecutors to target entire criminal organizations rather than just individual crimes. Ferro’s involvement in a coordinated group that used multiple methods—including hacking, impersonation, and home invasion—qualified as a pattern of racketeering activity. Q3: What should crypto holders do to protect against physical theft? Store cold wallets in secure, hidden locations such as safes or bank deposit boxes. Avoid publicly disclosing crypto holdings or wallet locations. Consider using multi-signature wallets or splitting keys across multiple secure locations. This post Man sentenced to 6.5 years for stealing 100 BTC in home invasion tied to $250 million crypto theft ring first appeared on BitcoinWorld .