The blockchain executive urged users who downloaded the BitKeep 7.2.9. APK malware to transfer their assets immediately.
The anonymous CEO of BitKeep, Kevin Como, stated in a letter published on Chinese blockchain news website Odaily.com on December 27 that customers’ private keys are still in danger following a security incident on December 26 that resulted in losses of over $13 million at the time of publication.
With more than 6 million users, BitKeep is one of the more well-known noncustodial, decentralized finance multichain wallets. Como specifically stated:
“This was a large and atrocious hacker attack incident. The BitKeep APK 7.2.9 (Android Package Kit) installation package was hijacked and swapped by the hacker, and as a result, some users already installed the APKs that were planted malware by the hackers, leading to a leak of users’ private keys.”
Como recommended customers to move their digital assets to a new wallet if they have already downloaded the Android APK 7.2.9. “It is probable that [these wallets] already had their private keys leaked,” the crypto executive wrote.
Como detailed the work made, saying that the crypto wallet’s team has already been in touch with SlowMist and other blockchain security companies to track down the cash that were taken.
“We have actively collected information about users’ stolen assets, made a complete recollection of hacking procedures and timeline, and have collected evidence of the Android 7.2.9 APK malware,” he stated.
The Web3 data analytics company OKLink first revealed yesterday that the attacker created a number of phony BitKeep websites that contained an APK file that appeared to be BitKeep wallet version 7.2.9. Private keys or seed words were then taken from users who downloaded and interacted with the infected file and provided to the attacker.
