BitKeep is a decentralized platform for crypto trading. The company was founded in 2018 by Kevin Como. BitKeep has its own wallet app in which users can buy, sell and store various crypto assets. BitKeep also allows users to swap various tokens and to trade or store NFTs.
In early December, BitKeep tweeted about a new security update that is designed to protect user assets. But a few weeks later, on December 26, one of BitKeep’s users asked the company why 0.05 BNB was automatically withdrawn from his wallet to an unknown location while he was sleeping.
Why did my Bitkeep wallet automatically transfer 0.05BNB at 04:00 on December 26th when I slept the most soundly? pic.twitter.com/B0jL2mwHFe
— Far away (@Hk0954859Kim) December 26, 2022
Of course, this was not the only case in which money was transferred out of a BitKeep user's wallet. The following day, BitKeep published a summary of the hacker attack. As it turned out, hackers were able to inject malicious code into the APK file of the BitKeep application.
2/ After preliminary investigation by the team, it is suspected that the latest BitKeep 7.2.9 APK downloads have been hijacked by hackers and installed with code implanted by hackers.
— BitKeep Wallet (@BitKeepOS) December 27, 2022
According to the BitKeep team, the losses from the attack totalled approximately $8 million. Some of the stolen funds were tracked and frozen.
4/ We have traced and identified around $8 million stolen funds. BitKeep Tech team is pinpointing the root cause and tracking the stolen funds, some of which have already been frozen with the help of third parties.
— BitKeep Wallet (@BitKeepOS) December 27, 2022
The targets of the attack were the BNB Chain, Ethereum, TRON and Polygon chains.
7/ The addresses on BNB Chain, Ethereum and Polygon are as follows. The TRON addresses used by the hacker will be disclosed later when we have more updates.
— BitKeep Wallet (@BitKeepOS) December 27, 2022
The malicious code automatically sent users' tokens to the hacker's addresses. After that, all the stolen funds were swapped for USDT in the amount of 8,989,011.
10/ All stolen tokens were swapped for USDT in the amount of about 8,989,011.
— BitKeep Wallet (@BitKeepOS) December 27, 2022
BitKeep will keep tracking hacker's criminal actions and do whatever it takes to protect the interest of our users. We will keep updating relevant information with our communities. Please stay tuned.
Two days after the attack, the CEO of BitKeep, Kevin Como, published an open letter to users in which he described the attack, apologized for the incident and promised that the BitKeep team would do everything possible to fix the error and prevent a repeat incident in the future.
“The whole BitKeep team and I are pulling all strings we can and going to great lengths to recover the stolen assets. This and compensating the victimized users are our top priorities now. We also have a new security strategy planned to restructure and upgrade our technical solution as security is the cornerstone of the whole BitKeep business. If you have suffered any loss in this incident, we’re very sorry. But please don’t worry, because I assure you that we will give you a satisfying solution.”
The year has been a bonanza for hacker attacks. As a solution, some experts recommend keeping funds in non-custodial wallets. This increases security, but there is always a risk of losing the wallet itself or the seed phrase. The industry is evolving and many new hybrid solutions are coming into the arena. We will keep observing their development.