Popular Crypto Wallet Compromised, $8 Million Stolen


article image

Arman Shirinyan

Original wallet is safe to use, but you should be cautious when downloading APKs

According to PeckShield’s report, popular cryptocurrency wallet BitKeep reported that several users lost their funds after contacting a compromised APK version of the application. Hackers were able to steal $8 million worth of assets, including more than 4,000 BNB, $5.4 million USDT, around 200,000 DAI and 1,233 ETH.

Attack directions

It is not yet clear where the compromised APK originated and what was the source of most downloads. However, some users reported that they have been personally contacted by suspicious accounts in social media platforms like Twitter, where scammers urged them to download the BitKeep wallet.

However, links spread on Twitter were nothing but phishing tools. After opening it and downloading a hacked APK file, users’ devices were compromised, and crypto thieves got access to all funds sent on addresses set in the application.

After reaching a certain download threshold, hackers decided to “withdraw” funds on compromised wallets and made a bankrun. As for now, most of the funds are concentrated on one address owned by hackers.

It is important to check the source of downloaded APKs every time you work with cryptocurrency wallets, trading platforms or any other applications that include payments, wallets or any other tools that require you to deposit funds.

If you are a BitKeep user, make sure to check the source of the APK you used to install the wallet, and if it seems suspicious, move all of your funds away from the wallet to some other commonly used storage or hardware wallet. Alternatively, you can send funds to any trusted exchange like Binance temporarily, until finding a better solution for keeping funds.

Source: https://u.today/scam-alert-popular-crypto-wallet-compromised-8-million-stolen