All
Contribute!
BlockchainCrypto MarketCryptocurrency

BitKeep exploiter used phishing sites to lure in users: Report

CoinSurges
By CoinSurges

Share This Post

The attacker appears to be attempting to cash out funds using Binance and Changenow.

The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink.

The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker.

The report did not say how the malicious file stole the users’ keys in an unencrypted form. However, it may have simply asked the users to re-enter their seed words as part of the “update,” which the software could have logged and sent to the attacker.

Once the attacker had users’ private keys, they unstaked all assets and drained them into five wallets under the attacker’s control. From there, they tried to cash out some of the funds using centralised exchanges: 2 ETH and 100 USDC were sent to Binance, and 21 ETH were sent to Changenow.

The attack happened across five different networks: BNB Chain, Tron, Ethereum, and Polygon, and BNB Chain bridges Biswap, Nomiswap, and Apeswap were used to bridge some of the tokens to Ethereum. In total, over $13 million worth of crypto was taken in the attack.

Related: Defrost v1 hacker reportedly returns funds as ‘exit scam’ allegations surface

It is not yet clear how the attacker convinced users to visit the fake websites. The official website for BitKeep provided a link that sent users to the official Google Play Store page for the app, but it does not carry an APK file of the app at all.

The BitKeep attack was first reported by Peck Shield at 7:30 a.m. UTC. At the time, it was blamed on an “APK version hack.” This new report from OKLink suggests that the hacked APK came from malicious sites, and that the developer’s official website has not been breached.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

POPCAT Surges Past $1.0094 All-Time High – What’s The Next Price Target?

POPCAT has achieved a remarkable milestone by surging past its all-time high of $10094, igniting excitement among traders and investors alike This breakout signals a powerful bullish momentum,

Crypto Ponzi Leader Receives 121-Month Prison Sentence

David Carmona, founder of the Icomtech cryptocurrency Ponzi scheme, has been sentenced to over 10 years in prison for defrauding investors with false promises of profits His scheme targeted

Bitcoin Investors Show Fear – Could A Price Bottom Be Imminent?

In contrast to popular bullish sentiments, Bitcoin began October on a bearish note, recording a price decline of over 7% in the first three days of the month However, while the BTC market experienced

Paypal Completes First Corporate Transaction Using PYUSD Stablecoin

Paypal has made a significant step in corporate payments by completing its first transaction using its stablecoin Paypal USD (PYUSD) This milestone highlights the role digital currencies can play in

Tornado Cash At Center Of $287 Million Laundered In Q3: High-Profile Anomalies Exposed

The ongoing legal saga surrounding Tornado Cash, a cryptocurrency mixing service, has intensified as its co-founders face serious allegations of facilitating money laundering on a massive scale Roman

Crypto Analyst Predicts Bitcoin Price Will Hit New All-Time High If It Breaks This Level

Bitcoin, which started the month on a negative note, has begun to regain some positive momentum and is up by 166% in the past 24 hours This recovery comes amid renewed optimism in the crypto space,
Previous article
Krampus is coming to the crypto space this holiday season
Next article
Palau reportedly partners with Ripple to launch national stablecoin

Categories:

Hot right now:

Company:

Follow on:

Crypto Coin Live Stats

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.