Hackers drain $8M in assets from Bitkeep wallets in latest DeFi exploit

While galore are inactive enjoying the vacation season, hackers are hard astatine work, draining astir $8 cardinal successful an ongoing BitKeep wallet exploit. 

On Dec. 26, immoderate users of the multichain crypto wallet BitKeep reported that their funds were being drained and transferred portion they were not utilizing their wallets. In their authoritative Telegram group, the BitKeep squad confirmed that immoderate APK bundle downloads person been hijacked by immoderate attackers and person been installed with codification that was implanted by hackers. They wrote:

“If your funds are stolen, the exertion you download oregon update whitethorn beryllium an chartless mentation (unofficial merchandise version) hijacked.”

As the hack continues, the BitKeep squad urged its users to transportation their funds to a wallet that came from authoritative sources similar Google Play and the Apple App Store. Apart from this, the squad besides asked assemblage members to usage recently created wallet addresses arsenic their erstwhile addresses whitethorn already beryllium “leaked to hackers.” To assistance with the investigation, the BitKeep squad asked affected users to submit the applicable materials done a Google signifier they provided.

#PeckShieldAlert #BitKeep reported that respective users' funds were stolen, the authoritative stated that perchance owed to downloading a hacked APK version
∼$8M worthy of assets person been stolen truthful far, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH pic.twitter.com/ZdomZGFWRO

— PeckShieldAlert (@PeckShieldAlert) December 26, 2022

One suspected hacker wallet code already has much than $5 cardinal successful integer assets. While the magnitude exploited is inactive not last and the attackers are inactive presently transferring funds to aggregate wallet addresses, blockchain information and analytics steadfast PeckShield highlighted that there’s been much than $8 cardinal successful Tether (USDT), DAI (DAI), Binance Coin (BNB) and Ether (ETH) stolen truthful far.

Related: DeFi flash indebtedness hacker liquidates Defrost Finance users causing $12M loss

On Oct. 17, the BitKeep wallet besides suffered an exploit with the attacker taking disconnected with $1 cardinal worthy of BNB. The exploit was conducted done a work that enabled token swaps. The wallet steadfast suspended the work and pledged to reimburse each the affected users.