BitKeep exploiter used phishing sites to lure in users: Report


The BitKeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink.

The report stated that the attacker set up several fake BitKeep websites that contained an APK file made to look like version 7.2.9 of the BitKeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker.

The report did not say how the malicious file stole the users’ keys in an unencrypted form. However, it may have simply asked the users to re-enter their seed words as part of the “update,” which the software could have logged and sent to the attacker.

Once the attacker had users’ private keys, they unstaked all assets and drained them into five wallets under the attacker’s control. From there, they tried to cash out some of the funds using centralised exchanges: 2 ETH and 100 USDC were sent to Binance, and 21 ETH were sent to Changenow.

The attack happened across five different networks: BNB Chain, Tron, Ethereum, and Polygon. BNB Chain bridges Biswap, Nomiswap, and Apeswap were used to bridge some of the tokens to Ethereum. In total, over $13 million worth of crypto was taken in the attack.

It is not yet clear how the attacker convinced users to visit the fake websites. The official website for BitKeep provided a link that sent users to the official Google Play Store page for the app, but it does not carry an APK file of the app at all.

The BitKeep attack was first reported by PeckShield at 7:30 a.m. UTC. At the time, it was blamed on an “APK version hack.” This new report from OKLink suggests that the hacked APK came from malicious sites, and that the developer’s official website has not been breached.
