The cryptocurrency industry faced fresh security concerns this week after two separate exploits targeted AI-powered trading tools and a meme coin launch platform, resulting in combined losses of over $226,000. The AI-driven crypto bot aixbt suffered a breach that led to the unauthorized transfer of 55.5 Ether ($106,200), while the BNB Chain-based platform Four.Meme was hit by a $120,000 sandwich attack. Both projects have since resumed operations, implementing security upgrades and promising compensation for affected users.
The increasing intersection of artificial intelligence and cryptocurrency trading faced a major security scare as an attacker exploited the dashboard of the AI-powered crypto bot aixbt to siphon 55.5 Ether, valued at approximately $106,200. The breach has reignited debates over the security of AI-driven financial tools and their vulnerabilities within the decentralized finance (DeFi) ecosystem.
On March 18, the operator of aixbt—an AI agent designed to provide market insights and potentially execute trades—announced via X that the bot’s core systems had not been compromised. Instead, the attacker gained unauthorized access to the dashboard, issuing two commands that directed the AI to transfer funds.
The maintainer of aixbt, known as “rxbt,” stated that the breach was not due to manipulation of the AI itself but rather an exploit of its interface. In response, the team has migrated servers, changed access keys, paused dashboard functionalities for security upgrades, and reported the hacker’s addresses to cryptocurrency exchanges in an effort to contain the damage.
Following the attack, speculation spread about the nature of the breach, with some observers initially believing that the bot had been manipulated to autonomously send the funds as a “tip” to the attacker. This theory gained traction after Simulacrum AI, another AI-driven crypto project, shared a post on X suggesting that the bot had tipped a now-suspended account, “0xhungusman,” with 55.5 ETH.
However, further analysis clarified that the attack was not a case of the AI being socially engineered or misled—rather, the attacker took advantage of the bot’s dashboard access, exposing an oversight in the bot’s security architecture.
The incident triggered a sharp decline in the price of aixbt's native token (AIXBT), which plummeted 15.5% to $0.09 on Ethereum’s Layer 2 Base network, according to CoinGecko data.
The breach has fueled growing concerns regarding the security of AI-powered bots that operate in the crypto trading landscape. AI-driven trading assistants like aixbt, ai16z, and Truth Terminal are increasingly being tested by traders seeking to leverage machine learning for real-time market analysis and automation.
However, security experts warn that as these bots gain wider adoption, they must undergo rigorous security testing to prevent financial losses due to cyberattacks. Decentralized AI researcher “S4mmy” echoed this sentiment, stating that AI-powered financial tools need to be battle-tested before managing significant amounts of capital.
Despite the security concerns, venture capitalists remain optimistic about the potential of AI in cryptocurrency trading. Spencer Farrar, a partner at Theory Ventures, a firm specializing in AI and crypto investments, believes that while the sector is currently in a “frothy” phase, meaningful use cases may emerge over time.
One of the biggest draws of AI-powered crypto projects is their ability to create speculative investment opportunities for retail traders. Farrar noted that AI tokens allow investors to explore high-risk, high-reward projects that aren’t typically available in traditional financial markets.
Despite setbacks like the aixbt breach, the market for AI-related cryptocurrencies remains robust. CoinGecko data reveals that tokens tied to AI-based crypto agents currently hold a combined market capitalization of $4.2 billion, signaling continued investor interest in the sector.
While this incident highlights the security challenges facing AI in crypto, it also shows the growing role of AI in financial markets. As the industry evolves, ensuring robust security measures will be critical to preventing similar exploits and fostering long-term adoption of AI-powered trading bots.
In other security news, the BNB Chain-based meme coin launch platform, Four.Meme, has restarted its services after suffering a $120,000 exploit due to a sophisticated sandwich attack. The attack, which manipulated liquidity transactions, has raised concerns about the security of automated token launches and the increasing prevalence of DeFi exploits.
On March 18, the Four.Meme team announced via X that its launch function was reinstated after a detailed security review and the implementation of enhanced safeguards. The platform had earlier suspended its services, stating that it was “under attack.”
“The launch function has now been resumed after a thorough security inspection. Our team has addressed the issue and reinforced system security. Compensation for affected users is underway,” Four.Meme confirmed.
Web3 security firm ExVul identified the attack as a sandwich exploit, a market manipulation tactic that allows attackers to profit from token launches by exploiting liquidity transactions.
According to ExVul’s March 18 report, the attacker pre-calculated the address for the liquidity pool’s trading pair and strategically used one of Four.Meme’s functions to buy tokens before liquidity was added. This allowed them to bypass Four.Meme’s token transfer restrictions.
Once Four.Meme added liquidity to the pool, the attacker executed a high-frequency transaction, allowing them to siphon off funds before the price stabilized.
Blockchain security firm CertiK corroborated ExVul’s findings, confirming that the attacker manipulated the launch process by sending an imbalanced amount of unlaunched tokens to pair addresses before the liquidity pool was officially created. This method enabled them to artificially inflate prices and sell tokens for profit.
“In the case of SBL token, for example, the attacker sent a bit of SBL token to the pre-calculated pair address in advance, then profited 21.1 BNB by sandwiching the add liquidity transaction at launch,” CertiK reported.
The attacker ultimately made off with at least 192 BNB, valued at approximately $120,000, which was sent to the decentralized crypto exchange FixedFloat, according to on-chain analysis.
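As an added example (not from ExVul, CertiK or Four.Meme), the following Python shows how a launch-monitoring job could flag the two signals described above: tokens arriving at the pair address before the platform's add-liquidity transaction, and one address touching the pair on both sides of that transaction in the same block. The event shape, the addresses and the sample records are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:              # one decoded on-chain record (shape is an assumption)
    block: int
    tx_index: int
    kind: str             # "transfer", "swap" or "add_liquidity"
    sender: str
    to: str
    amount: int = 0

def launch_findings(events, pair, launcher):
    """Flag pre-seeding of `pair` and same-block sandwiching of the launch."""
    events = sorted(events, key=lambda e: (e.block, e.tx_index))
    launch = next((e for e in events
                   if e.kind == "add_liquidity" and e.sender == launcher), None)
    if launch is None:
        return []                      # nothing launched yet, nothing to judge
    at = (launch.block, launch.tx_index)
    findings, before, after = [], set(), set()
    for e in events:
        if e.to != pair or e.sender == launcher:
            continue
        pos = (e.block, e.tx_index)
        # Tokens must not reach the pair before the platform's own deposit.
        if pos < at and e.kind == "transfer":
            findings.append(("pre_seed", e.sender, e.amount))
        # Track who touched the pair on each side of the launch, same block.
        if e.block == launch.block:
            (before if pos < at else after).add(e.sender)
    for addr in sorted(before & after):
        findings.append(("sandwich", addr, launch.block))
    return findings

# Constructed sample data; addresses are placeholders, not real accounts.
PAIR, LAUNCHER = "0xPAIR", "0xLAUNCHER"
SAMPLE = [
    Event(100, 3, "transfer", "0xSUSPECT", PAIR, 5),
    Event(120, 0, "transfer", "0xSUSPECT", PAIR, 7),
    Event(120, 1, "add_liquidity", LAUNCHER, PAIR, 1_000_000),
    Event(120, 2, "swap", "0xSUSPECT", PAIR, 900),
    Event(121, 0, "swap", "0xUSER", PAIR, 50),
]

if __name__ == "__main__":
    for finding in launch_findings(SAMPLE, PAIR, LAUNCHER):
        print(finding)
```

A launch platform could run the same pre-seed check on-chain by refusing to add liquidity while the pair address already holds any of the token.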
This latest attack marks the second exploit on Four.Meme in two months. In February, the platform suffered a larger $183,000 hack, raising concerns about whether its security measures are sufficient to protect investors.
While the Four.Meme team has committed to compensating affected users, the incident underscores the persistent vulnerabilities of meme coin platforms and automated token launch mechanisms.
Four.Meme’s latest security breach comes amid a broader wave of crypto-related hacks and exploits.
February 2024 alone saw $1.53 billion in crypto losses from various scams, exploits, and hacks, with the Bybit exchange breach accounting for a staggering $1.4 billion.
Chainalysis reported that 2023 saw $51 billion in illicit transactions, highlighting the rise of AI-driven scams, stablecoin laundering, and sophisticated cyber syndicates.
These figures signal a growing threat landscape for the crypto industry, where attackers leverage advanced algorithms and automation to execute precise financial exploits.
The repeated attacks on Four.Meme demonstrate the need for stronger security mechanisms in meme coin launch platforms. As DeFi remains a prime target for cybercriminals, industry experts stress that platforms must implement enhanced smart contract security, preemptive monitoring systems, and multi-layered authentication measures.
While Four.Meme has patched its latest security flaw, its future hinges on whether it can prevent further exploits and restore investor confidence. With sandwich attacks becoming increasingly sophisticated, projects across the crypto space must continuously evolve to stay ahead of malicious actors.
As the market matures, it remains to be seen whether meme coin platforms like Four.Meme can balance innovation with security—or continue to fall prey to DeFi’s relentless wave of attacks.