BitKeep Hacked: Unofficial APK Used to Steal $8 Million of Users’ Funds

0

In 2022, there have been widespread hacks in the DeFi ecosystem because hackers have chosen to milk funds by exploiting smart contract vulnerabilities.

The year ends, and the holiday spirit is in the air. On December 26th, BitKeep announced that they had been hacked again, and that the hacker had stolen $ 8 million from users’ wallets.

This year has not been so good with Bitkeep because it has been a victim of a hack twice this year. In October, hackers gained access to their smart contract vulnerability and stole $1 million, and now around $8 million of users’ funds have been stolen by the hacker.

BitKeep wallet is a decentralized crypto wallet that is available on various crypto networks via a web browser, a mobile app, and a DApp (decentralized app). BitKeep multi-chain wallet allows users to trade NFTs and other crypto assets.

How the hack happened

BitKeep announced the exploit via its official Telegram handle, stating some users have downloaded a hacked APK version (7.2.9) of the BitKeep wallet. These users’ funds were stolen when they were not using their wallets.

According to PeckShieldAlert, a blockchain security firm revealed on Twitter that several users’ funds were stolen. The official stated that it was probably due to downloading a hacked APK version. $8M worth of assets have been stolen, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH.

BitKeep Team’s Suggested Way Out

The team told their users to follow the below steps because the hack is still ongoing.

  1. Avoid using APK version 7.2.9. 
  2. Users should download the app from Google Play and the iOS store.
  3. Users should create a new address for any transaction because the hacker may have taken over the previous addresses.

The BitKeep wallet team also provided a Google form link for the affected users to submit their queries so that the team can help individuals handle the problem.

According to BitKeep, the stolen funds will be refunded to consumers if investigations indicate that the exploit occurred by mistake on the company’s side.

Conclusion

This year experienced the most widespread hacking occurrences in the history of crypto. From the $230 million Wormhole Bridge hack to the $630 million Axie Infinity hack and the $100 million Harmony hack to the latest BitKeep hack. PeckShield disclosed in November that DeFi hacking had cost more than $3 billion, more than doubling the figure for 2021.

Leave a Reply

Your email address will not be published. Required fields are marked *