Several BitKeep wallet users have reported that their wallets were emptied after they downloaded an unofficial version of the app, a pseudo update made by hackers to trigger the transactions on Christmas Eve.
BitKeep is a decentralized multichain Web3 DeFi wallet. It supports 30 blockchains, 76 main networks, and more than 20,000 decentralized applications. It is one of the most popular decentralized finance multichain wallets, used by over 6 million individuals.
BitKeep has confirmed the phishing attack in its official Telegram group. It disclosed that some of the data regarding the APK package downloads had been hijacked by hackers and that malware code was installed in the update file, version 7.2.9.
Hackers Set Up Several Websites For This Purpose
Other reports stated that the attackers set up several websites hosting an update package that looks similar to version 7.2.9 of the BitKeep wallet. Downloading the file enables the hacker to access all the private keys and data in the customer's account.
The company advised all users to move their funds to a new wallet address after downloading the official version from Google Play or the App Store. In addition, BitKeep stated that any wallet created under the malware update is compromised.
The investigation report does not conclude how the hacker was able to steal users' keys in unencrypted form. The developers believe that the hacker may have simply asked users to input their seed phrase as part of the update, after which the software could have sent all the user data to the attacker.
Once the hackers got their hands on users' private keys, they unstaked all the assets and moved them into five different wallets under their control, and from there they cashed out using centralized exchanges: two Ethereum and 100 USD coins were cashed out via Binance, and 21 ETH were sent to Changenow.
The phishing was carried out across five different network platforms: BNB Chain, Tron, Ethereum, and Polygon. Some other networks, such as BNB Chain bridges, Biswap, Nomiswap, and Apeswap, were used as bridges for the tokens to Ethereum.
BitKeep could not determine in due time how much money was lost in these hacks. To help tally the losses and patch up the loose ends in the wallet, BitKeep asked its users to submit all the details of the hack through a Google Form link provided to them.
One of the wallets has reported $5 million in stolen funds, but the company has no clear idea of how much has been stolen from users' wallets in total. According to reports by PeckShield, more than $8 million worth of assets has been stolen.
The breakdown of the stolen funds shows $4373 BNB, 5 million dollars in terms of currency, $196,000 DAI, and $1233 in Ethereum.
Since the attack is still ongoing, Bitkeep has advised its users to get rid of the pseudo-updated version before more funds get stolen from their accounts.
In a previous incident back in October 2021, BitKeep was attacked by hackers who stole $1 million worth of BNB from wallets. This was carried out after a hacker exploited a vulnerable option that allowed him to enable the service used to perform token swaps.
To avoid any further attacks, BitKeep suspended the token-swapping service and reimbursed all the affected users. In this case, since the APK was voluntarily downloaded by the users from random websites, it is highly unlikely that the company will pledge any refunds for the users.