Subscribe to our Telegram channel
Hackers break into a popular cryptocurrency wallet and steal millions of dollars worth of tokens
According to PeckShield’s report, hackers compromised a non-custodial BitKeep wallet and stole 4,000 BNB, 200,000 DAI, and 1,233 ETH. The total amount of user losses is estimated at $ 8 million.
The attack was carried out by hacking some APK (Android Package Kit) packages and installing malicious codes in them. The attackers made a fake version of a wallet belonging to the Bitget exchange and gained access to private keys and digital assets of customers.
#PeckShieldAlert #BitKeep reported that several users' funds were stolen, the official stated that possibly due to downloading a hacked APK version
∼$ 8M worth of assets have been stolen so far, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH pic.twitter.com/ZdomZGFWRO— PeckShieldAlert (@PeckShieldAlert) December 26, 2022
«To keep your funds safe, if you have downloaded the new APK version, please transfer all your cryptocurrencies to a wallet downloaded from the official app store (App Store or Google Play),» BitKeep representatives wrote in an appeal to affected users.
As it turned out, on the eve of the attack, investors received messages from suspicious social media accounts urging them to download the BitKeep wallet via a link. After opening the phishing link and installing the hacked APK file, the hackers gained access to all users' cryptocurrency.
The Bitget team has now stopped BitKeep’s swap service to prevent new exploits. The company is also investigating whether the loss of client funds is related to the platform’s vulnerability. If so, affected investors will receive compensation from the BitKeep Security Fund.
This is the second time in the last 3 months that hackers have managed to hack into the BitKeep wallet. The previous incident occurred in October, when a hacker stole $ 1 million from BitKeep by hacking through the swap function. The hack occurred on the BNB Chain network. The team also suspended BitKeep’s swap service to prevent new exploits.