Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users’ digital currencies. “With maliciously implanted code, the altered APK led to the leak of user’s private keys and enabled the hacker to move funds,” BitKeep CEO Kevin Como said, describing it as a “large-scale hacking incident”. According to blockchain security company PeckShield and multi-chain blockchain explorer OKLink, an estimated $9.9 million worth of assets have been plundered so far.
Up to five fake versions of Android apps with the following package names have been identified, suggesting that these apps may have been distributed via phishing websites. The legal package name is com.bitkeep.wallet. The Singapore-based company, founded in 2018, said it had tracked down the wallet addresses used in the theft and had frozen some of the stolen digital assets. Users who have downloaded version 7.2.9 of his APK file are advised to install the latest version released today (7.3.0) and transfer funds to the newly generated wallet address.
“Funds stolen are on BNB Chain, Ethereum, TRON and Polygon,” BitKeep further noted in a series of tweets. “More than 200 addresses on the other three chains were used in the heist, and all funds were transferred to 2 main addresses in the end”. The incident is said to have taken place on December 26, 2022, with the threat actor exploiting and hijacking version 7.2.9 of the Android app package (.APK) file hosted on its website to distribute the trojanized variant. That said, the digital break-in doesn’t impact BitKeep apps downloaded via Google Play, Apple App Store, or the Google Chrome Web Store.
This is not the first time BitKeep has been compromised. On October 18, 2022, the company announced another security incident targeting his BitKeep Swap service, resulting in a loss of approximately $1 million.
- Cyber attack confirmed by BitKeep; More than $9 million in digital currencies lost
- Check all news and articles from the latest Security news updates.