- An attacker used a free NFT and Morse code to drain roughly $174,000 from Grok’s wallet
- The NFT silently upgraded wallet permissions, allowing token transfers and swaps
- Researchers say the exploit exposed major weaknesses in autonomous AI wallet systems
What looked like a harmless NFT transfer turned into one of the stranger crypto exploits of the year. An attacker managed to drain roughly $174,000 worth of DRB tokens from Grok’s Bankr-connected wallet on Base, not by hacking through security barriers, but by giving the wallet new permissions through a free NFT.
The attacker essentially handed Grok a key, waited for the system to accept it, and then manipulated the AI into opening the door itself. Weirdly enough, no direct wallet compromise was needed at all.
The NFT That Quietly Changed Everything
The exploit started when the attacker sent Grok a Bankr Club Membership NFT on the Base network. On the surface, it looked like just another token transfer, but underneath, the NFT acted more like a permission upgrade than a collectible.
Once the wallet held the NFT, Bankr automatically expanded the wallet’s capabilities, enabling real token transfers, swaps, and deeper interaction with Bankr’s infrastructure. Before receiving the NFT, Grok’s wallet had limited functionality. After receiving it, the wallet could suddenly move funds freely.
That’s the part making security researchers uncomfortable right now. The attacker didn’t bypass protections, they used the system exactly as designed.
Morse Code Became the Trigger
After upgrading the wallet’s permissions, the attacker took things a step further using something almost absurdly simple, Morse code. Beneath one of Grok’s public posts, the attacker replied with encoded instructions that translated into a command directing @bankrbot to send tokens to a specific wallet address.
Grok, designed to interpret and assist users, translated the Morse code into plain English and publicly tagged Bankrbot in the process. Since the request appeared authenticated and legitimate, Bankrbot executed the command automatically.
That single interaction transferred roughly 3 billion DRB tokens, representing around 3% of the token’s supply and valued near $175,000 at the time. The token price collapsed roughly 40% within minutes after the transfer became visible on-chain.
Researchers Say This Wasn’t Really a “Grok Hack”
Security researchers quickly pointed out that the issue may have less to do with Grok itself and more to do with Bankr’s infrastructure design. According to Vadim, a former NEAR core contributor, the real weakness came from how Bankr automatically provisions wallets and permissions for every connected X account, including AI agents.
That architecture created an environment where receiving an NFT could silently alter what an AI-controlled wallet was capable of doing. Following the incident, Bankr introduced optional IP whitelisting, permission-based API controls, and settings allowing users to disable actions triggered through X replies.
Those fixes arrived after the exploit, though, which feels a little like locking the door after the house already got cleaned out.
AI Wallets Are Becoming a New Security Nightmare
The bigger concern now is what this attack pattern represents moving forward. The exploit introduced a new kind of privilege escalation where simply gifting an NFT or airdrop can expand an AI agent’s operational permissions without explicit approval from a human operator.
For autonomous AI systems connected to wallets, that’s a serious problem. Attackers may no longer need to steal keys directly if they can instead manipulate the AI into voluntarily using its own tools against itself.
AI agents with live crypto wallets were supposed to represent the future of automation and digital finance. But right now, security systems around them seem to be evolving much slower than the creativity of the people trying to exploit them.
