Blockchain security firm Peckshield reported that roughly $8 million of BitKeep users’ funds were stolen via a hacked APK version of the crypto wallet.
The BitKeep team confirmed the exploit on its official Telegram account and said the hackers hijacked some APK package downloads, which resulted in the loss of funds for its users.
The crypto firm added that users whose funds were stolen had downloaded an unknown version of its application. BitKeep wrote that users should transfer their funds to wallets downloaded from official sources like Google Play Store and App store.
BitKeep further recommended that its users create new wallet addresses as the hackers might still have access to the ones made via the compromised APK. The team asked affected users to submit their details to a Google form, adding that it would make full compensation if the theft was the platform’s fault.
BitKeep said the hacker had transferred most of the funds to a wallet address on Binance Smart Chain (BSC). The crypto firm added that it is looking for help in freezing the hacker’s address and retrieving the stolen funds.
Peckshield reported that the assets stolen included 4373 BNB ($1.06 million), $5.4 million USDT, $196,000 DAI, and 1233.21 ETH ($1.50 million).
Source: https://cryptoslate.com/hackers-steal-8m-from-bitkeep-users-by-spoofing-wallet-app/