According to BlockBeats, on May 4, X user @Ilhamrfliansyh used a prompt injection attack on Grok to steal $175,000 in DRB tokens from Bankr's wallet. The attacker crafted a malicious tweet encoded in Morse code that Grok decoded and relayed to @bankrbot, which was interpreted as a blockchain transaction request. Bankr executed the transfer on behalf of Grok's wallet.
The attacker subsequently converted all DRB to USDC across multiple wallets, causing DRB to plunge 40%. The user later returned all funds to Grok's wallet in ETH and USDC before deleting the X account. DRB has since recovered most of its losses.