BitKeep is a multi-chain cryptocurrency wallet. On Monday, it was revealed that a hacking event occurred, resulting in consumers losing millions of dollars in different cryptocurrencies. On December 26, several BitKeep customers claimed that their funds were being drained and moved when they were not even using their wallets. The BitKeep team stated in their official Telegram channel that certain APK package downloads have been hijacked by some hackers and installed with hacker-implanted malware.
APK, or Android Package, is the file format used by Android OS to distribute and instal apps. APKs, which are often accessible outside of Google Play store, enable users to instal applications from third-party sites on their Android smartphones, which may result in increased potential threats.
If your funds are stolen, the application you download or update may be an unknown version (unofficial release version) hijacked.
The BitKeep team wrote in its official Telegram group
The BitKeep team advised users to move their funds to a wallet obtained from legitimate sources such as Google Play Store and the Apple App Store. In addition, the team requested that community members adopt freshly generated wallet addresses since their prior ones had been “leaked to hackers.” To assist in the investigation, the BitKeep team requested that concerned users submit relevant documents through a Google form they supplied.
The stolen assets include roughly 4373 $BNB, 5.4 million $USDT, 196k $DAI, and 1233.21 $ETH, according to a tweet by PeckShield, a blockchain security and data analytics business. BitKeep has also paused its services to guarantee that there are no further security vulnerabilities.
#PeckShieldAlert #BitKeep reported that several users' funds were stolen, the official stated that possibly due to downloading a hacked APK version
— PeckShieldAlert (@PeckShieldAlert) December 26, 2022
∼$8M worth of assets have been stolen so far, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH pic.twitter.com/ZdomZGFWRO
Separately, security company Hacken said that about $6 million in crypto assets were taken, adding that “the attack is still active and the attacker is actively moving users funds to various addresses.”
According to Hacken, the key addresses associated with stolen cash include a Binance Smart Chain wallet and an Ethereum wallet, with the latter witnessing two significant outbound transactions for 709 Ethereum (approximately $865,000) and 504 Ethereum (approximately $615,000).
🚨BitKeep Wallet has been hacked
— Hacken🇺🇦 (@hackenclub) December 26, 2022
We recommend all users to transfer funds out of the addresses created using this wallet
We will share more information as we verify it
🧵…
