BitKeep, a decentralized multi-chain cryptocurrency wallet, announced a cyber attack on its Android app on Wednesday that allowed threat actors to spread fake copies of it in order to steal users’ digital money.
In a “large-scale hacking event,” according to BitKeep CEO Kevin Como, “the altered APK caused the disclosure of user’s private keys and enabled the hacker to move funds.”
A total of $9.9 million worth of assets have reportedly been stolen so far, according to multi-chain blockchain explorer OKLink and blockchain security firm PeckShield.
The incident is said to have taken place on December 26, 2022, with the threat actor exploiting and hijacking version 7.2.9 of the Android app package (.APK) file hosted on its website to distribute the trojanized variant.
That said, the digital break-in doesn’t impact BitKeep apps downloaded via Google Play, Apple App Store, or the Google Chrome Web Store.
These fake Android apps may have been disseminated through phishing websites because there have been reports of up to five different versions with various package names. The official name of the package is “com.bitkeep.wallet.”
- com.bitkeep.app
- com.bitkeep.w4
- com.bitkeep.w5
- com.bitkeep.wallet5
- io.bitkeep.wallet
The 2018-founded business with its headquarters in Singapore claimed to have tracked the wallet address used to commit the crime and to have frozen part of the stolen digital assets.
Users who downloaded the APK file for version 7.2.9 are urged to install the most recent version (7.3.0), which was released today, and send money to a newly created wallet address.
It has happened before that BitKeep has been compromised. It announced a second security breach that affected its BitKeep Swap service on October 18, 2022, and caused losses of around $1 million.