According to the team of project, a preliminary investigation shows that some APK package downloads were hacked and the hackers injected them with malicious code before their installation.
APK is a file format known as Android Package, which is used by Android for the distribution and installation of apps.
CypherMind-HQ.com Artificial Intelligence Crypto Trading System – Get Ahead of the Curve with this sophisticated AI system! Harness the power of advanced algorithms and level up your crypto trading game with CypherMindHQ. Learn more today!
APKs can also be found outside Google Play and are helpful because they enable users to install apps from third-party sources on their Android devices. However, this leads to higher security risks.
The official Telegram group of BitKeep said that the downloaded application or any update installed could be an unofficial version and there is a possibility that it could be hijacked, leading to stolen funds.
All users who had downloaded the APK versions were informed by BitKeep to transfer the funds to the wallet they had downloaded from Google Play or the App Store.
Users are ideally advised to choose a wallet address that has been newly created because it is possible that hackers may already have access to the address you create via the malicious APK.
Loss of millions
PeckShield shared estimates about the amount of funds that were drained from BitKeep wallet. According to the security firm, the total value of funds that were stolen in different crypto assets was $8 million.
This version of events has been questioned by some Twitter users, as they reported that some wallets that were officially downloaded had also had their funds stolen.
It has prompted BitKeep, the company based in Singapore, to double down in its investigation of the entire incident.
A spokesperson for BitKeep said that the 7.2.9 APK had been hijacked and that this was likely not the official version of the app, which had resulted in the theft.
The spokesperson said that they had asked users to transfer their funds as quickly as possible either to the BitKeep Chrome plug-in or to the official store app.
They were also told to use a new wallet address for this purpose. The spokesperson clarified that the official app of BitKeep available in Google Play and App Store did not have any problem.
Hacken, another security firm, also published a report of the incident in which it said that crypto assets worth $6 million had been compromised.
The company said that the attack was still ongoing and those behind it were transferring the funds to several addresses.
Hacken said that they had identified an Ethereum wallet and a Binance Smart Chain wallet as the primary addresses, with two large transactions conducted via the former of about 709 ETH and 504 ETH, respectively.
OKLink also saw a massive $31 million stolen in different crypto assets across Polygon, Tron, Ethereum, and Binance Smart Chain.
Since the attack is ongoing, it is likely that the hacker is taking advantage of the malicious APK downloads from the users.
BitKeep had also suffered from an exploit back in October, which resulted in losses of $1 million.