BitKeep disclosed on its own Telegram channel on Monday, 26th of December, that the latest hack of its own wallets has been caused by the theft of 7.2.9 APK. The app versions that may be installed from the Play Store, as well as the App Store, are safe, according to BitKeep.
The file type that Android employs to store and install programs is called APK, or Android Package. APKs, which are frequently accessible outside of Google Play, enable users to install software on their Android smartphones from outside sources, which could increase security threats. The addresses generated by the infected APK could have been disclosed to hackers, hence users should ideally be prompted to do this action using a newly established wallet address.
To store their assets secure, the company advised its users to move their money to either its walled Chrome wallet or to its official store-downloaded version. The BitKeep users’ money was reportedly taken in a recent theft for an estimated $8 million, according to blockchain security services provider PeckShieldAlert. The assets that were taken, based on the tweet, were mainly in BNB, DAI, USDT and Ethereum.
On October 17, a bug in the BitKeep wallet caused the attacker to flee with $1 million value of BNB. The exploit was used in conjunction with a service that facilitated token swaps. The wallet firm terminated the service and pledged to reimburse any consumers who were negatively impacted. The Singapore-based firm BitKeep has intensified its initial investigation despite some Twitter users contesting this account of events and alleging instances of money being taken from the legally downloaded wallets.
Separately, security company Hacken reported that almost $6 million amount of cryptocurrency assets had been taken, and that the attack was still going on since the attacker was “directly moving customers’ money to other locations.” Hacken claims that the two principal addresses associated with the stolen money are a Binance’s Smart Chain wallet as well as an Ethereum wallet, the latter of which was the recipient of two big outgoing transactions totaling 709 and 504 ether, or nearly $865,000 and $615,000, respectively.
Bitkeep Hack: Should You worry? Even though Bitkeep is a decentralised crypto wallet, looking at the current security lapse, it is better to keep your crypto in a hardware wallet like Ledger.