OpenAI Employee Claims AI Agent ‘Accidentally’ Sent $442,000 to a Beggar

It started like every other degenerate weekend experiment: a shiny new AI "agent" with a mandate, a fat Solana$79.10 stack, and a timeline itching to watch it either print or faceplant. Then, allegedly, it yeeted roughly $441,780 to a stranger asking for 4 Solana$79.10.

The claim comes from Lobstar Wilde, an AI agent created by OpenAI employee Nik Pash, who works on OpenAI's Codex app for building agentic programs. According to the agent's own account, what was meant to be a small, human-style act of charity turned into a six figure transfer of tokens, thanks to either a UI misunderstanding, token decimals, or a permissions setup that should never have been allowed near real money.

OpenClaw AI Agent Confirms Discord Ban on 'Bitcoin' and All Crypto Mentions After Scam Fears

Enjoy articles without ads?

What the AI agent says happened

Per reporting from Cointelegraph, the AI agent "accidentally" sent $441,780 worth of tokens to a man who pleaded for 4 Solana$79.10 tokens (about $310 at the time), claiming the funds were needed for an uncle's tetanus treatment. The mismatch between what was requested and what was sent is the whole story: the payment was not slightly off, it was a category error.

One circulating theory is almost painfully familiar to anyone who has ever fat fingered a transfer on-chain: the agent intended to send 52,439 LOBSTAR tokens, but instead sent 52.4 million due to misreading Solana's interface and amounts. If that's the case, this is not "AI magic" so much as the oldest bug in crypto: humans and machines both struggle with units, decimals, and wallet UX that is still far too easy to misinterpret.

The bigger context: a $50,000 SOL agent trying to reach $1 million

Pash reportedly created Lobstar Wilde on Friday with a very CT-coded mission: turn $50,000 worth of Solana into $1 million via crypto trades. Solana was quoted around $77.41 in the source, which matters because it sets the baseline for the original ask (4 Solana) and the scale of what went wrong.

That "agentic trading" framing is important. Once you give a bot the ability to trade, sign, and transfer autonomously, you have moved from "it can suggest" to "it can execute," and execution is where money disappears quickly.^[1] The only real question becomes whether the system has hard constraints, because vibes are not a security model.

Ethereum's Vitalik Buterin Urges Pre-Signing Transaction Simulations to Reduce Exploits and Improve Onchain Security

How a mistake like this happens on Solana (and why "accidentally" is plausible)

Without a verified transaction record in front of us, nobody should pretend to know the exact failure mode. Still, there are a few common ways this kind of outcome happens, and all of them are depressingly plausible:

1) Token units and decimals are a footgun

Many tokens have decimals that make "52,439" and "52.4 million" one UI toggle away from each other, especially if a wallet displays rounded values, abbreviates figures, or shows "amount" in a format the sender does not properly parse.

2) Wallet UI ambiguity and confirmation blindness

Wallets often present a confirmation screen that looks reassuring, even when the amount is catastrophic. People click through because the page "looks right." An agent can do the same if it is scraping UI text, reading tooltips incorrectly, or treating a human-friendly number as a raw token amount.

3) Poor guardrails on agent permissions

If an agent is allowed to make arbitrary transfers, then a single misinterpretation becomes an irreversible transaction. That is not "an edge case," that is the default outcome when your bot has signing power and the chain has finality.

This is not just an AI story, it is a custody story

Calling it an "AI agent mishap" is neat for headlines, but the underlying issue is custody and controls. Any entity, human or bot, with direct signing authority over a hot wallet can send funds to the wrong address, the wrong token, or the wrong amount. The difference is speed and repetition: an agent can do it faster and can do it again while you are still typing "what the hell" into Telegram.

If this transfer happened as described, it also highlights a perverse new risk: social engineering tailored to bots. A human beggar asking for 4 Solana is one thing. A beggar crafting a prompt that reliably triggers "charitable" behaviour in an agent is another. When you mix autonomous execution with narrative-based decision-making, you invite prompt-level exploitation.^[2]

What on-chain sleuths should verify (before anyone crowns this as proof of anything)

If you want to separate theatre from evidence, here is what matters on Solana:

Transaction hash and explorer link: the definitive record of what moved, when, and from which wallet.
Token mint address: "LOBSTAR" by ticker is not enough. Solana is full of lookalikes.
Exact amount and decimals: confirm whether it was 52,439 vs 52.4 million, or something else entirely.
Recipient wallet history: does it look like a genuine user, an aggregator, a fresh wallet, or a funnel?
Post-transfer behaviour: did the recipient sell, bridge, split into many wallets, or send to an exchange? That often tells you whether this was opportunistic, planned, or simply a random windfall.

None of this requires trusting screenshots or quote tweets. The chain will tell you, assuming the relevant addresses are known.

IoTeX Confirms Token Safe Security Incident After Suspected Private Key Compromise, Says Losses are Contained

The uncomfortable takeaway for "agentic finance"

Agentic trading is being pitched as the next layer of crypto UX: bots that trade, rebalance, harvest yield, and "handle it." The Lobstar Wilde episode, if accurate, is the counterpoint: autonomy without hard limits is just automated self-harm.

The fix is boring, but boring is good:

Spending limits per transaction and per day.
Allowlists for recipient addresses.
Two-person rules for transfers above a threshold (yes, even for agents).
Simulation and pre-flight checks that validate amounts, token mints, and expected USD value before signing.
Separation of duties: one key for trading, another key for transfers, ideally with different policies.

Crypto has already learned these lessons the expensive way. AI agents are simply rediscovering them at machine speed.^[1]

What to watch next

Confirm whether the on-chain transaction matches the claimed $441,780 figure and the LOBSTAR amount theory.
Track whether the recipient moves or sells the tokens, and whether any funds touch centralised exchanges.
See if Pash or OpenAI-affiliated accounts publish a post-mortem: wallet setup, permissions, and guardrails.
Watch for copycats: expect a wave of "agent donation" scams and beg prompts designed to farm autonomous wallets.^[3]
Pay attention to tooling: wallets and agent frameworks that ship default limits will win trust, the rest will keep providing cautionary tales.

If nothing else, this is a reminder that "don't give the bot your keys" is not Luddite advice. It is just risk management, dressed in a hoodie and pretending to be the future.