This Monday, December 26, the wallet BitKeep was hacked. According to the official version, the cybercriminals posted a fake update of the crypto wallet and hacked $8 million in Tether (USDT), Ethereum (ETH), DAI, and BNB.

BitKeep published the information on its official Telegram channel. Thus, the wallet managers reported that the hack was possible because some downloads of the Android Application Packages (APK) of version 7.2.9 of the crypto wallet were hijacked by cybercriminals to install them with hacked codes on the mobile devices.

Furthermore, they asked users to transfer funds from the fake version of the crypto wallet to the wallet downloaded from any official store (App Store or Google Play). They also warned that hackers could access the addresses created through the hacked APK. Therefore, they recommended users create new addresses through the official app. 

Besides, PeckShield researchers determined that the hackers made off with approximately $8 million in cryptocurrency. The theft breakdown gave a total of 4,373 BNB, 5.4 million USDT, 196,000 DAI, and 1,233.21 ETH.

The official version could also be compromised

However, it was reported on Twitter that community members who did not have the fake APK also lost their funds. Thus, the tweet noted that the app downloaded from the official stores was immediately updated to version 7.2.9, so the official version might also be compromised.

BitKeep also promised to refund money to affected users and noted that it’s working to trace the funds. However, they did not give an official date for the refund of the cryptos. Sadly, this wallet is used by 8 million users in 168 countries and has a significant presence in Asia.

Also, they asked users to fill out a form with the address of the stolen wallet and the hacker’s address. Also, they asked which cryptocurrencies were stolen and the model of the mobile device they used at the time of the theft. They also requested the version of the wallet application and where they downloaded it.

But, the team doesn’t have access to the private keys of its users. Thus, recovering the funds stolen through the fake version of that crypto wallet will be much more difficult for the developers.


Wanna trade BTC, ETH, USDT, and other tokens? You can do it 安全地 在Alfacash上! And don’t forget we’re talking about this and many other things on our social media.

电报 * 脸书 * Instagram的 * YouTube *推特

Author

Working to make a decentralized world. Philologist and psychology student. I have been writing about cryptocurrencies since 2017. Literature, coffee, and cryptos.

zh_CN简体中文