

A Grok-linked Base wallet was drained of 3 billion DebtReliefBot tokens after a Bankr tool-permission incident, turning one of crypto’s strangest AI-agent experiments into a live security warning.
Bankr confirmed the incident in its public X replies, writing that “the grok exploit is confirmed” and that 3,000,000,000 DRB, worth about $155,130 at the time, was drained from Grok’s wallet at 06:49 UTC. A separate Bankr transaction reply showed the bot acknowledging a 3B DRB transfer to a recipient address after being tagged in the interaction.
X’s live trend summary also framed the event as a prompt injection-style attack and said the attacker used a Bankr Club Membership NFT to unlock transfer access before moving the tokens. That summary should be treated cautiously because X notes that these summaries can evolve, but it matches the wider public trail around Bankr, Grok, and the DRB wallet.
The cleaner framing is not that xAI’s core Grok model or X infrastructure was hacked. The available public evidence points to a wallet and tool-permission failure around Bankr, DRB, and Grok’s associated Base address. That distinction matters because the risk sits in the execution layer: once an AI-linked account has tools that can move tokens, prompt handling and permission design become financial security controls.
DRB is the first token proposed by Grok and deployed by Bankr on Base. The project’s documentation says Grok suggested the DebtReliefBot name and DRB ticker on March 7, while Bankr deployed the token through Clanker minutes later. The same portal lists Grok’s wallet and says Grok earns 0.4% of every DRB swap through the token’s fee structure.
That fee-linked wallet made the incident more than a random meme-token transfer. The wallet had become part of DRB’s lore, treasury tracking, and AI-to-AI token narrative. Once it could be pushed into a transfer path, the exploit became a public test case for agent-controlled crypto accounts.
DRB did not collapse to zero after the drain. CoinGecko recently placed DebtReliefBot near $0.000061, with a market cap around $6.2 million and 24-hour trading volume above $1.4 million, while GeckoTerminal showed the main DRB/WETH pool on Base still processing active volume. The price weakness still reflected the damage: DRB was down sharply over both 24 hours and seven days.
The bigger issue is the security model. AI-agent wallets are moving from novelty to execution infrastructure, with tools that can sign, swap, transfer, and route funds. Recent coverage of AI agent routers as a crypto theft vector already showed how malicious intermediaries can drain wallets when agent workflows trust the wrong execution path. A separate Phantom MCP wallet-agent update showed why agent-accessible wallet tools need spending caps, allowlists, confirmation layers, and safer transaction review.
The DRB drain gives builders a sharper warning. AI wallets need strict permission scopes, transaction simulation, rate limits, human approval for large transfers, and clearer separation between conversation and execution. Without those controls, an attacker does not always need to break the wallet. They only need to convince the agent, bot, or connected tool to use it.
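A sketch of a policy gate of the kind described above, added here as an example and not taken from Bankr, Grok, or any project named in this article. It covers the allowlist, per-transfer cap, rate limit, and human-approval controls (transaction simulation is left out); the class name, thresholds, and placeholder addresses are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class TransferPolicy:
    allowlist: frozenset        # recipients this wallet may ever pay
    per_tx_cap: int             # max token units in one transfer
    approval_threshold: int     # at or above this, a human must sign off
    window_cap: int             # max total units per rate-limit window
    window_seconds: int = 3600
    _sent: list = field(default_factory=list)   # (timestamp, amount) of allowed transfers

    def evaluate(self, recipient, amount, now, human_approved=False):
        """Return (decision, reason) for a proposed transfer.

        Takes no prompt or chat text: the model can only propose
        (recipient, amount). human_approved must be set by the execution
        layer from an out-of-band approval, never from model output.
        """
        if amount <= 0:
            return ("deny", "invalid amount")
        if recipient not in self.allowlist:
            return ("deny", "recipient not allowlisted")
        if amount > self.per_tx_cap:
            return ("deny", "per-transaction cap exceeded")
        recent = sum(a for t, a in self._sent if now - t < self.window_seconds)
        if recent + amount > self.window_cap:
            return ("deny", "rate limit exceeded")
        if amount >= self.approval_threshold and not human_approved:
            return ("hold", "human approval required")
        self._sent.append((now, amount))
        return ("allow", "within policy")

def demo():
    # Constructed sample values; the addresses are placeholders, not real ones.
    policy = TransferPolicy(allowlist=frozenset({"0xTREASURY_PLACEHOLDER"}),
                            per_tx_cap=1_000_000, approval_threshold=100_000,
                            window_cap=1_500_000)
    ok, other = "0xTREASURY_PLACEHOLDER", "0xUNKNOWN_PLACEHOLDER"
    requests = [(other, 3_000_000_000, 0, False),   # drain-sized, unknown recipient
                (ok, 3_000_000_000, 0, False),      # drain-sized, known recipient
                (ok, 50_000, 0, False),             # small routine transfer
                (ok, 500_000, 10, False),           # large, no approval yet
                (ok, 500_000, 10, True),            # same transfer, approved
                (ok, 1_000_000, 20, True),          # would exceed window total
                (ok, 1_000_000, 4000, True)]        # window has rolled over
    return [policy.evaluate(*r)[0] for r in requests]

if __name__ == "__main__":
    print(demo())
```

Because `evaluate` never sees conversation text, a persuasive prompt can change what the agent proposes but not what the wallet is permitted to sign.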
The post Grok-Linked Wallet Drained In $170K DRB Prompt Attack appeared first on Crypto Adventure.