On December 26, some BitKeep customers who use the multi-chain cryptocurrency wallet reported that money was being taken and transferred from their wallets while they were not using them. The BitKeep team acknowledged on their official Telegram channel that some APK package downloads have been compromised and hijacked by some hackers and deployed with malicious code.
Bitkeep team further addressed victims of the loss, saying:
“If your funds have been stolen, the application you downloaded or updated may have been an unofficial version.”
The BitKeep team advised its customers to move their money to a wallet that originated from a trusted source, such as Google Play or the Apple App Store, as the breach continued. The company further requested that community members utilize newly generated wallet addresses because their old ones may have already been “leaked to hackers.”
The BitKeep team encouraged affected users to submit their relevant information using a Google form so that it may be used to aid in the investigation.
A wallet address believed to belong to a hacker possesses more than $5 million in digital assets. PeckShield, a blockchain security and analytics company, reported that the stolen assets comprised 1233.21 ETH ($1.50 million), $5.4 million USDT, $196,000 DAI, and 4373 BNB ($1.06 million), even though the total amount exploited is still not final. The attackers are constantly sending money to other wallet addresses.
On October 17, a vulnerability in the BitKeep wallet permitted a hacker to flee with $1 million worth of BNB. The wallet firm halted the service and made a refund offer to all clients who were affected.
Read Also: Animoca Brands and LayerZero launch a global hackathon program