• Fri. Nov 8th, 2024

DeFi Protocol Breach

Bitkeep has confirmed that its downloadable package fell into wrong hands and without users’ knowledge, the compromised package was installed by users.

It seems hackers haven’t taken an off while others are busy celebrating Christmas and living every moment of the holiday season.

In their latest activities, hackers managed to exploit yet another decentralized finance (defi) project called The Bitkeep. At this time, the hackers went after the digital wallets belonging to Bitkeep users.

They successfully managed to steal more than $8 Million as has been confirmed by the defi protocol itself.

It was a day after Christmas when some of Bitkeep’s users complained that the funds from their wallets were somehow drained.

They further reported that funds were taken out without any intimation to them and deposited at a place not known to them.

This is clearly an attack on the protocol where the hackers were able to steal the funds and left no trace.

The downloadable Package of Bitkeep Was Manipulated

After receiving complaints, Bitkeep’s teams started looking into the matter and identified a confirmed hack attack. The defi project later told its Telegram community consisting of users that the project was breached.

Bitkeep’s teams also identified the problem because of which users’ funds amounting to more than $8 Million were stolen by hackers.

It was revealed that the hackers targeted a downloadable package of the project which comprised software and tools upgrades.

Since users were unaware that the package had been compromised, they downloaded the package and installed the same into their devices.

Users’ Warning

Later, the defi protocol issued a users’ notice in which it stated that they should immediately uninstall the ‘unofficial version of the project’s upgrade version’.

The warning was for all users whose funds had been stolen and those who had downloaded the version yet their funds remained unharmed.

Thereafter, the users were asked to immediately make alternate arrangements for securing their funds by transferring them to safe wallets.

Bitkeep’s users were advised to secure the funds either with the Apple App Store or at Google Play.

Further, the users were asked were advised not to use their old wallets. Bitkeep’s teams were of the view that their wallets’ credentials have been compromised and that it wouldn’t be safe to use them any longer.

Victims Urged For Investigation Cooperation

Meanwhile, Bitkeep’s teams have urged the victims to join the investigations and provide each and every detail of the incident.

For this purpose, they have been directed to use the Google form for lodging complaints and for submitting factual details.

According to the information provided by Bitkeep, a large number of its users reported missing funds.

After collecting data, Bitkeep summarized that crypto funds amounting to more than $8 Million were unfortunately stolen in the hack attack.

The stolen funds included a total of 1233.21 Ether Coins, 4373 Binance native coins, 196,000 DAI coins, and 5.4 Million USDT stablecoin.

Possible Suspect Identified

In the initial probe, defi project’s teams identified an account wherein they believe that the stolen funds may have been deposited into.

The suspected account is said to be linked with the hacker and already comprised of crypto funds amounting to more than $5 Million.

However, on the basis of suspicion, no action can be taken against the account holder without any concrete evidence.

The amount stolen from the project is still unverified and could be much more than what has been complained about by the users.

The incident is an ongoing investigation and further updates are anticipated. The teams are trying their best to understand the entire situation to get to the bottom of the attack.

They will be getting back to the users to let them know about the updates on the matter. They are determined to find the persons behind the attack and get their funds back from them.

Avatar

Leave a Reply

Your email address will not be published. Required fields are marked *