Subscribe to Updates

    Get the latest creative news from CRYPTO NOUNCE.

    What's Hot

    Musk, experts urge pause on training AI systems more powerful than GPT-4 By Reuters

    March 29, 2023

    Dogecoin [DOGE]: Short-term investors could gain, but only if…

    March 29, 2023

    The government should fear AI, not crypto: Galaxy Digital CEO

    March 29, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram Vimeo
    Cryptonounce.com
    Contact
    • Business
      • Deals
      • investors
      • IPO
      • Startups
      • Wall Street
    • Markets
      • Bonds
      • Commodities & Futures
      • Currencies
      • Funds & ETFs
      • Stocks
    • Crypto
      • Alticoins News
      • Binance News
      • Bitcoins News
      • Blockchain News
      • Ethereum News
      • Token Sales News
      • XRP News
    • Technology
      • Artificial Intelligence
      • Big Data
      • Cloud Computing
      • Cybersecurity
      • Gaming
      • Internet of Things
      • Mobile
      • Social Media
      • Transportation
      • VR & AR
    • FinTech
    • Personal finance
    • Grides
      • Crypto
      • FinTech
      • Investing
      • Personal Finance Guides
      • Techonology
    • Tools
      • Coins
      • ICO List
      • Organigations
      • Events
    Cryptonounce.com
    Home » BitKeep exploiter used phishing sites to lure in users: Report
    Ethereum News

    BitKeep exploiter used phishing sites to lure in users: Report

    AdmincryptBy AdmincryptDecember 26, 2022No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp VKontakte Email
    Share
    Facebook Twitter LinkedIn Pinterest Email



    The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink.

    The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker.

    【12-26 #BitKeep Hack Event Summary】
    1/n

    According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M.

    — OKLink (@OKLink) December 26, 2022

    The report did not say how the malicious file stole the users’ keys in an unencrypted form. However, it may have simply asked the users to re-enter their seed words as part of the “update,” which the software could have logged and sent to the attacker.

    Once the attacker had users’ private keys, they unstaked all assets and drained them into five wallets under the attacker’s control. From there, they tried to cash out some of the funds using centralized exchanges: 2 Ether (ETH) and 100 USD Coin (USDC) were sent to Binance, and 21 ETH were sent to Changenow.

    The attack happened across five different networks: BNB Chain, Tron, Ethereum and Polygon, and BNB Chain bridges Biswap, Nomiswap and Apeswap were used to bridge some of the tokens to Ethereum. According to OKLink, a total of over $9.92 million worth of crypto was taken in the attack, although other sources have said that it is only $8 million.

    Related: Defrost v1 hacker reportedly returns funds as ‘exit scam’ allegations surface

    It is not yet clear how the attacker convinced users to visit the fake websites. The official website for BitKeep provided a link that sent users to the official Google Play Store page for the app, but it does not carry an APK file of the app at all.

    The BitKeep attack was first reported by Peck Shield at 7:30 am UTC. At the time, it was blamed on an “APK version hack.” This new report from OKLink suggests that the hacked APK came from malicious sites and that the developer’s official website has not been breached.