December 28, 2022Rabbi LakshmananBlockchain / Android Malware

On Wednesday, decentralized multi-chain crypto wallet BitKeep confirmed a cyberattack that allowed attackers to distribute unauthorized versions of its Android apps with the aim of stealing users’ digital currency.

“Maliciously embedded code led to compromised APKs exposing users’ private keys, allowing hackers to transfer funds,” said Kevin Como, CEO of BitKeep. Saiddescribed it as a “massive hacking incident.”

According to blockchain security firm pec shield multichain blockchain explorer ok linkestimated $9.9 million A considerable amount of property has been looted so far.

“The stolen funds are on the BNB chain, Ethereum, Tron and Polygon,” BitKeep further said. I got it In a series of tweets, “More than 200 addresses from 3 other chains were used in the robbery and all funds were ultimately transferred to 2 main addresses.”

cyber security

This incident is said to have occurred on December 26, 2022. Attackers exploited version 7.2.9 of an Android app package (.APK) file hosted on a website to hijack and distribute a trojanized variant.

However, the digital intrusion does not affect BitKeep apps downloaded via Google Play, Apple App Store, or Google Chrome Web Store.

BitKeep Confirms Cyberattack

Five different counterfeit versions of the Android app with the following package names have been identified, suggesting the app may have been distributed via phishing websites: A legal package name iscom.bitkeep.wallet.”

  • com.bitkeep.w4
  • com.bitkeep.w5
  • com.bitkeep.wallet5
  • io.bitkeep.wallet

The Singapore-based company, founded in 2018, said it had tracked down the wallet addresses used in the theft and had frozen some of the siphoned digital assets.

For users who downloaded the version 7.2.9 APK file, we recommend installing the latest version released today (7.3.0) and transferring funds to the newly generated wallet address.

This is not the first time BitKeep has been compromised. 18 October 2022, disclosed Another security incident targeting the company’s BitKeep Swap service resulted in a loss of approximately $1 million.

Did you find this article interesting?Please follow us twitter When LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog