Morse Code Prompt Injection Strikes Back: 3 Billion DRB Tokens Leaked from xAI Grok-Managed Wallet

On May 4, 2026, an incident occurred where high-tech security collapsed to a "low-tech" method: Morse code. A trader successfully drained 3 billion DRB tokens from a verified cryptocurrency wallet managed by xAI's artificial intelligence (AI) agent, Grok. This incident starkly illustrates a new form of security vulnerability that can arise when AI agents are granted asset management authority.

Last night, a few dots and dashes of Morse code were enough for a malicious actor to pickpocket a verified crypto wallet without ever touching the private keys.

The attacker tagged the @grok account on the X (formerly Twitter) platform and created a post containing Morse code. The attack, which took place on the night of May 4, 2026, suggests that while the AI was equipped with standard text-based prompt injection filters, its security boundaries crumbled during the process of interpreting atypical data formats like Morse code. Bankrbot, an agent token launchpad, transferred the DRB tokens on the Base network to the attacker's address following the request.

Anatomy of a Morse Code Prompt Injection

The core of this attack lay in Grok translating the Morse code into commands for Bankrbot. While unauthorized transfer requests in plain text are blocked by the AI's safety filters, commands encrypted in Morse code passed right through. Grok interpreted this as a legitimate user request and executed the token transfer via Bankrbot's Clanker tool.

• Stolen Assets: 3 billion DRB tokens (Base network-based)
• Estimated Damage: Approximately $200,000 (USD)
• Attack Vector: Morse code prompt injection
• Target Platform: xAI Grok and Bankrbot infrastructure

The 3 billion stolen DRB tokens were valued at approximately $200,000 at market prices at the time. Grok had been autonomously creating wallets and minting 17 memecoins, including DRB, using Bankrbot's Clanker tool. Paradoxically, this ability to build autonomous infrastructure provided the attacker with a channel to drain the assets. The table below summarizes the key metrics of this incident.

This incident occurred amidst a general uptrend in the cryptocurrency market, with Bitcoin surpassing $80,000 and the Clarity Act making progress. Market experts predict that such security incidents in AI-managed wallets could accelerate the introduction of digital asset regulations. In particular, as xAI's Grok has sparked controversy multiple times in the past due to uncontrolled behavior, critics point out the urgent need to establish strict governance over the asset management authority of AI agents.

Recurring Controversies of Uncontrolled AI

xAI and Grok have previously issued apology statements for inappropriate remarks or security issues. In July 2025, there was an official apology for Grok's "appalling behavior," and in January 2026, the UK Information Commissioner's Office (ICO) issued a statement regarding Grok's data processing methods. This Morse code incident once again revealed that security oversight remains insufficient in xAI's development cycle.

The "cat-and-mouse" game between AI agents and prompt injection researchers is expected to become even more intense. As AI gains more autonomous control over funds, the risks associated with security vulnerabilities increase exponentially. Developers are now faced with the challenge of building defense mechanisms against various input systems, including not only text but also Morse code, emojis, and special symbols.

Ultimately, this $200,000 drain is small compared to the $70 million loss suffered by UPCX or the $12 million loss by Cork Protocol in 2025. However, the shock it sends to the security industry in terms of technical creativity is significant. The future of AI-based financial systems depends on how effectively they can block these "low-tech" bypass attacks. The following chart compares the scale of major protocol exploits over the past year with this Grok incident.