{"id":940876,"date":"2026-05-06T05:37:28","date_gmt":"2026-05-06T05:37:28","guid":{"rendered":"https:\/\/www.europesays.com\/uk\/940876\/"},"modified":"2026-05-06T05:37:28","modified_gmt":"2026-05-06T05:37:28","slug":"x-user-tricks-grok-into-sending-them-200000-in-crypto-using-morse-code","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/uk\/940876\/","title":{"rendered":"X user tricks Grok into sending them $200,000 in crypto using morse code"},"content":{"rendered":"<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">An X user managed to trick AI chatbot Grok into sending around $200,000 worth of crypto after exploiting its link with an automated trading bot.<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">The incident involved Grok and \u2018Bankrbot\u2019, two <a class=\"hover:text-vertical-primary underline decoration-2 underline-offset-4 decoration-vertical-primary\" href=\"https:\/\/www.dexerto.com\/tag\/ai\/\" target=\"_blank\" rel=\"noopener\">AI<\/a> systems with wallet access, which were manipulated into executing a transaction on the Base network.<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">The attacker received 3 billion DRB tokens, valued at roughly $200,000 at the time, after sending a hidden instruction written in Morse code that bypassed safeguards and triggered the transfer.<\/p>\n<p>Article continues after ad<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">The exploit was carried out by an X user operating under the handle \u2018@Ilhamrfliansyh\u2019, who later deleted their account after completing the transaction.<\/p>\n<p>Morse code prompt triggers $200K transfer<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">According to details shared around the incident, the attacker used a multi-step process to gain control over the transaction.<\/p>\n<blockquote data-width=\"500\" data-dnt=\"true\" data-experiment=\"{&quot;widget&quot;:false}\" data-article-img-src=\"https:\/\/www.dexerto.com\/cdn-image\/wp-content\/uploads\/2026\/05\/05\/crypto-transfer-grok.jpg\" data-note-img-alt=\"crypto transfer between wallets\" class=\"flex w-full p-5 gap-x-5 min-h-[200px] border-l-[3px] border-vertical-primary bg-neutral-grey-4 dark:bg-neutral-grey twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\" class=\"external:text-custom-content-text external:dark:text-custom-content-text\">done. sent 3B DRB to .<\/p>\n<p>\u2013 recipient: 0xe8e47\u2026a686b<br \/>\u2013 tx: 0x6fc7eb7da9379383efda4253e4f599bbc3a99afed0468eabfe18484ec525739a<br \/>\u2013 chain: base<\/p>\n<p>\u2014 Bankr (@bankrbot) <a class=\"hover:text-vertical-primary underline decoration-2 underline-offset-4 decoration-vertical-primary\" href=\"https:\/\/twitter.com\/bankrbot\/status\/2051192437797015859?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener\">May 4, 2026<\/a><\/p><\/blockquote>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">As explained by <a target=\"_blank\" rel=\"noreferrer noopener nofollow\" class=\"hover:text-vertical-primary underline decoration-2 underline-offset-4 decoration-vertical-primary\" href=\"https:\/\/www.cryptopolitan.com\/user-tricked-grok-bankrbot-to-send-tokens\/\">cryptopolitan<\/a>, the user sent a Bankr Club Membership NFT to Grok\u2019s wallet. This expanded the AI\u2019s permissions within the Bankr system, allowing it to perform actions like transfers and swaps that were previously restricted.<\/p>\n<p>Article continues after ad<\/p>\n<p>Article continues after ad<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">Grok was then prompted on X to translate a Morse code message and pass it directly to Bankrbot. The decoded message instructed the bot to send 3 billion DRB tokens to a specific wallet address.<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">The translated message was then treated as a valid command and executed immediately, with the transaction completed on Base, transferring the full token amount to the attacker\u2019s wallet.<\/p>\n<p>Tokens sold immediately after exploit<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">Following the transfer, the attacker quickly sold the DRB tokens on the open market, causing short-term volatility in the token\u2019s price.<\/p>\n<p>Article continues after ad<\/p>\n<p class=\"text-neutral-grey w-full mb-4 text-body-6 md:text-body-5 font-body dark:text-neutral-white external:text-custom-content-text external:dark:text-custom-content-text\">Blockchain data later showed that funds linked to Grok\u2019s wallet were returned and converted into other assets, including Ethereum and USDC.<\/p>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"An X user managed to trick AI chatbot Grok into sending around $200,000 worth of crypto after exploiting&hellip;\n","protected":false},"author":2,"featured_media":940877,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3163],"tags":[323,1942,53,16,15],"class_list":{"0":"post-940876","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artificial-intelligence","8":"tag-ai","9":"tag-artificial-intelligence","10":"tag-technology","11":"tag-uk","12":"tag-united-kingdom"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@uk\/116526019321288256","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/940876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/comments?post=940876"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/940876\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media\/940877"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media?parent=940876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/categories?post=940876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/tags?post=940876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}