BSV
$68.65
Vol 141.03m
2.66%
BTC
$97670
Vol 42671.52m
-1.46%
BCH
$500.64
Vol 1822.93m
2.2%
LTC
$97.59
Vol 2778.5m
7.51%
DOGE
$0.42
Vol 24707.3m
5.26%
Getting your Trinity Audio player ready...

As investigators try to unravel the unfortunate hack of BitKeep wallet during the holidays, new research has uncovered further information surrounding the event.

On-chain analytics firm OKLink released a report showing the modus operandi employed by the attacker. According to the report, the attacker created multiple fake sites for BitKeep users to update their wallet apps to the latest versions.

Unknown to the victims, the APK file from the site was a malicious file rigged to steal the seed phrases of unsuspecting users. It is unclear how the seed phrases were obtained at the moment, but there is speculation that users might have been asked to input their seed phrases to complete the update.

The result was the draining of nearly $13 million worth of digital assets, which OKLink claims were funneled through five wallets. The report confirmed that the attack involved four chains, including Binance Smart Chain (BSC), Ethereum (ETH), Tron (TRX), and Polygon (MATIC). It was also revealed that BNB Chain bridges were deployed in moving a number of assets to Ethereum.

“The reason for this massive theft is that hackers have hijacked the latest installation package 7.2.9 with the following version, and users are advised to transfer funds immediately,” read OKLink’s report.

After the heist, the attacker attempted to cash out by sending a portion of the funds to digital asset exchanges Binance and ChangeNOW. 2 ETH and 200 USDC were sent to Binance, while the hacker sent 21 ETH to ChangeNOW, but it is not clear if Binance has confiscated the virtual currencies.

Investigators are still trying to understand how the attacker convinced victims to visit the external site containing the rigged APK file. BitKeep’s statement confirmed that its developer’s official website had not been breached, claiming that the APK was the work of bad actors.

This is not the first time Bitkeep has been hacked. In October, the wallet lost $1 million worth of BNB following the breach of a token swap.

Riddled with big hacks

2022 has been characterized by jarring security breaches that have led to the loss of billions’ worth of digital assets. Ronin Network‘s $625 million hack will be indelible in the minds of industry enthusiasts, given the sheer size of the loot, outstripping Wormhole Bridge’s exploit.

Other exploits that sent the ecosystem into a frenzy include Nomad Bridge’s $190 million hack, Beanstalk Farms’ $182 million exploit, and Wintermute’s loss of $162 million to bad actors.

Several reports have pointed accusing fingers at North Korean hacking groups as being responsible for some of the industry’s largest security breaches.

Watch: The BSV Global Blockchain Convention presentation, Trust But Verify: Everything

Recommended for you

Lido DAO members liable for their actions, California judge rules
In a ruling that has sparked outrage among ‘Crypto Bros,’ the California judge said that Andreessen Horowitz and cronies are...
November 22, 2024
How Philippine Web3 startups can overcome adoption hurdles
Key players in the Web3 space were at the Future Proof Tech Summit, sharing their insights on how local startups...
November 22, 2024
Advertisement
Advertisement
Advertisement