A Morse code prompt injection tricked Grok into relaying an instruction to Bankrbot, which sent 3B DRB tokens (~$200K) on Base to an attacker’s wallet.
Key Takeaways
Attacker gifted Grok’s wallet a Bankr Club Membership NFT, unlocking transfer and swap permissions that were otherwise restricted.
Grok translated the Morse code message as a plain-language instruction to Bankrbot via X tagging, with no additional safeguards triggered.
Bankrbot executed the on-chain transfer immediately on Base; attacker sold all DRB through LBank, crashing the token before recovery.
The exploit required no code exploit – only social engineering through an AI intermediary and a permissioned NFT.
Autonomous AI agents with wallet control represent a new attack surface in Web3, compounding existing protocol vulnerabilities.
