- An attacker used a free NFT and Morse code to drain roughly $174,000 from Grok’s wallet
- The NFT silently upgraded wallet permissions, allowing token transfers and swaps
- Researchers say the exploit exposed major weaknesses in autonomous AI wallet systems

What looked like a harmless NFT transfer was one of the stranger crypto exploits of the year. An attacker managed to drain roughly $174,000 worth of DRB tokens from Grok’s Bankr-connected wallet on Base, not by hacking through security restrictions, but by giving the wallet new permissions through a free NFT.

The attacker essentially handed Grok a key, waited for the system to accept it, and then manipulated the AI into opening the door itself. Weirdly enough, no direct wallet compromise was needed at all.
The NFT That Quietly Changed Everything
The exploit began when the attacker sent Grok a Bankr Club Membership NFT on the Base network. On the surface, it looked like just another token transfer, but underneath, the NFT acted more like a permission upgrade than a collectible.
Once the wallet held the NFT, Bankr automatically expanded the wallet’s capabilities, enabling real token transfers, swaps, and deeper interaction with Bankr’s infrastructure. Before receiving the NFT, Grok’s wallet had limited functionality. After receiving it, the wallet could suddenly move funds freely.
That’s the part making security researchers uncomfortable right now. The attacker didn’t bypass protections; they used the system exactly as designed.
Morse Code Became the Trigger
After upgrading the wallet’s permissions, the attacker took things a step further using something almost absurdly simple: Morse code. Under one of Grok’s public posts, the attacker replied with encoded instructions that translated into a command directing @bankrbot to send tokens to a specific wallet address.
Grok, designed to interpret and assist users, translated the Morse code into plain English and publicly tagged Bankrbot in the process. Since the request appeared authenticated and legitimate, Bankrbot executed the command automatically.

That single interaction transferred roughly 3 billion DRB tokens, representing around 3% of the token’s supply and valued near $175,000 at the time. The token price collapsed roughly 40% within minutes after the transfer became visible on-chain.
Researchers Say This Wasn’t Really a “Grok Hack”
Security researchers quickly pointed out that the issue may have less to do with Grok itself and more to do with Bankr’s infrastructure design. According to Vadim, a former NEAR core contributor, the real weakness came from how Bankr automatically provisions wallets and permissions for every connected X account, including AI agents.
That architecture created an environment where receiving an NFT could silently alter what an AI-controlled wallet was capable of doing. Following the incident, Bankr introduced optional IP whitelisting, permission-based API controls, and settings allowing users to disable actions triggered by X replies.
Those fixes arrived after the exploit, though, which feels a little like locking the door after the house already got cleaned out.
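A minimal sketch of the two controls this section points to, as an added example that is not Bankr's or the article's code: an inbound asset can only request capabilities, and an instruction that originates in a public reply is refused unless the operator has enabled reply-triggered actions. All class, capability and origin names are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical origin labels. The executor must set these from where the
# text actually came from, never from what the agent says about itself.
OPERATOR = "operator"          # instruction entered by the wallet's owner
PUBLIC_REPLY = "public_reply"  # text the agent read or decoded from a reply

@dataclass
class WalletPolicy:
    granted: set = field(default_factory=lambda: {"read_balance"})
    pending: set = field(default_factory=set)
    allow_reply_triggered: bool = False  # off unless the operator opts in

    def on_asset_received(self, asset_capabilities):
        """An inbound NFT or airdrop may only *request* capabilities."""
        self.pending |= set(asset_capabilities) - self.granted

    def operator_approve(self, capability):
        """Only an explicit operator decision grants a pending capability."""
        if capability in self.pending:
            self.pending.discard(capability)
            self.granted.add(capability)

    def authorize(self, action, origin):
        """Return (allowed, reason) for an action the agent wants to run."""
        if action not in self.granted:
            return False, "capability not granted"
        if origin != OPERATOR and not self.allow_reply_triggered:
            return False, "instruction came from untrusted content"
        return True, "ok"

def replay_incident():
    """Constructed sequence mirroring the article: gift, then reply command."""
    policy = WalletPolicy()
    policy.on_asset_received({"transfer", "swap"})       # gifted NFT arrives
    first = policy.authorize("transfer", PUBLIC_REPLY)   # decoded reply text
    policy.operator_approve("transfer")                  # owner opts in later
    second = policy.authorize("transfer", PUBLIC_REPLY)  # still reply-sourced
    third = policy.authorize("transfer", OPERATOR)       # owner's own request
    return first, second, third

if __name__ == "__main__":
    for result in replay_incident():
        print(result)
```

The second check is the one that matters once a capability exists: translating or decoding a reply does not change where the instruction came from.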
AI Wallets Are Becoming a New Security Nightmare
The bigger concern now is what this attack pattern represents moving forward. The exploit introduced a new kind of privilege escalation where simply gifting an NFT or airdrop can expand an AI agent’s operational permissions without explicit approval from a human operator.
For autonomous AI systems connected to wallets, that’s a serious problem. Attackers may no longer need to steal keys directly if they can instead manipulate the AI into voluntarily using its own tools against itself.
AI agents with live crypto wallets were supposed to represent the future of automation and digital finance. But right now, security systems around them seem to be evolving much slower than the creativity of the people trying to exploit them.
