Blockchain security firm SlowMist reported via its Medium blog that an on-chain asset theft occurred on the Base chain, exploiting a loophole in the trust model between AI agents. The stolen coins amounted to 3 billion DRB (174,570 USD). The hacker entered a prompt (command) in Morse code form into the AI model Grok on X (formerly Twitter), and the automated trading agent Bankr executed it, siphoning off the funds on the Base chain. The 'Grok wallet' used in this hack was not owned by xAI but was a custody wallet automatically generated by Bankr. SlowMist pointed out, "During the process where Bankr directly mapped (converted) Grok's natural language output into an executable transfer command, there was insufficient verification of the executor and execution intent, and high-risk permissions were granted merely by activating membership." It added, "Grok itself did not hold private keys or act as the executor of on-chain operations; it was exploited as a tool." Meanwhile, approximately 80-88% of the stolen funds were returned to the victim in USDC and ETH through negotiations between the hacker and the victim, and the remaining portion was treated as an unofficial bug bounty.
