Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

admin by admin
December 28, 2022
in Ethical Hackers


Dec 28, 2022Ravie LakshmananBlockchain / Android Malware

Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users’ digital currencies.

“With maliciously implanted code, the altered APK led to the leak of user’s private keys and enabled the hacker to move funds,” BitKeep CEO Kevin Como said, describing it as a “large-scale hacking incident.”

According to blockchain security company PeckShield and multi-chain blockchain explorer OKLink, an estimated $9.9 million worth of assets have been plundered so far.

“Funds stolen are on BNB Chain, Ethereum, TRON and Polygon,” BitKeep further noted in a series of tweets. “More than 200 addresses on the other three chains were used in the heist, and all funds were transferred to 2 main addresses in the end.”

CyberSecurity

The incident is said to have taken place on December 26, 2022, with the threat actor exploiting and hijacking version 7.2.9 of the Android app package (.APK) file hosted on its website to distribute the trojanized variant.

That said, the digital break-in doesn’t impact BitKeep apps downloaded via Google Play, Apple App Store, or the Google Chrome Web Store.

BitKeep Confirms Cyber Attack

As many as five different counterfeit versions of the Android app with the following package names have been identified, suggesting that the apps were potentially distributed through phishing websites. The legitimate package name is “com.bitkeep.wallet.”

  • com.bitkeep.app
  • com.bitkeep.w4
  • com.bitkeep.w5
  • com.bitkeep.wallet5
  • io.bitkeep.wallet

The Singapore-headquartered company, which was founded in 2018, said it has traced the wallet address used to carry out the theft and that some of the siphoned digital assets have been frozen.

Users who have downloaded the APK file for version 7.2.9 are advised to install the latest version (7.3.0) released today and transfer the funds to a newly generated wallet address.

This is not the first time BitKeep has been breached. On October 18, 2022, it disclosed another security incident targeting its BitKeep Swap service that led to losses of about $1 million.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

A Free macOS IR Framework

Next Post

Top 20 Most Popular Hacking Tools in 2022

Next Post

Top 20 Most Popular Hacking Tools in 2022

Recommended

Announcing the HackerOne 2022 Attack Resistance Report: A Security Survey—How to Close Your Organization’s Attack Resistance Gap

6 months ago

REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints

5 months ago

© 2022 Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.