After interacting with a hacked APK version of the program, some BitKeep users lost their cash to an ongoing hack, as reported by PeckShield. Over 4,000 BNB, $5.4 million USDT, roughly 200,000 DAI, and 1,233 ETH, totalling over $8 million, were stolen by the hackers.
How this came to be
While they were away from their BitKeep multichain cryptocurrency wallets on December 26, several users noticed that money was being siphoned and moved. The BitKeep team stated in their formal Telegram channel that attackers have hijacked specific APK package downloads and inserted malicious malware into the installed apps.
They penned that downloading or updating a program from an unauthorized source (version not intended for general release) increases the risk of stealing your money.
Amid the hack, the company has advised its customers to move their money to another wallet from a trusted source such as the Google Play Store or the Apple App Store. In addition, the team recommended that community members generate new wallet addresses as hackers may already have access to the old ones. The BitKeep team has requested anybody impacted to report any pertinent information using a Google form they have made available.
At least $5 million worth of cryptocurrency is stored at an address the hacker may have compromised. PeckShield said that more than $8 million in Tether USDT, DAI (DAI), Binance Coin (BNB), and Ether (ETH) had been attacked. However, the exact number still needs to be determined since the attackers continually move the money to other wallet addresses.
This is not the first time BitKeep has been hacked. On October 17, an exploit was discovered in the BitKeep wallet, and the perpetrator made off with $1 million worth of BNB. The attack was carried out by use of a token-swapping service. The wallet company temporarily shut down operations and promised to compensate all customers.