BitKeep CEO says some users' private keys remain at risk after exploit

Published at: Dec. 27, 2022

According to a letter posted on Chinese blockchain news publisher Odaily.com on Dec. 27, Kevin Como, the anonymous CEO of BitKeep, warned that users' private keys are still at risk after a security incident on Dec. 26 led to over $13 million in losses at the time of publication. BitKeep is one of the more popular non-custodial, decentralized finance multi-chain wallets, with over 6 million users. Specifically, Kevin wrote:

"This was a large and atrocious hacker attack incident. The BitKeep APK 7.2.9 (Android Package Kit) installation package was hijacked and swapped by the hacker, and as a result, some users already installed the APKs that were planted malware by the hackers, leading to a leak of users' private keys."

Kevin urged users who had already downloaded the Android APK 7.2.9 to transfer their digital assets to a new wallet. "It is probable that [these wallets] already had their private keys leaked," the crypto executive wrote.

In terms of progress, Kevin explained that the BitKeep team has already been in contact with blockchain security firms such as SlowMist to trace the stolen funds. "We have actively collected information about users' stolen assets, made a complete recollection of hacking procedures and timeline, and have collected evidence of the Android 7.2.9 APK malware," he stated.

Web 3.0 data analytics firm OKLink first reported yesterday that an attacker set up several fake BitKeep websites which contained an APK file that looked like version 7.2.9 of the BitKeep wallet. Users who downloaded and interacted with the malicious file then had their private keys or seed words stolen and sent to the attacker.

【12-26 #BitKeep Hack Event Summary】1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M.

— OKLink (@OKLink) December 26, 2022