Latest News

BitKeep Exploiter Used Phishing Sites to Lure in Users: Report

The attacker appears to be trying to withdraw funds via Binance and Changenow.

According to a report by blockchain analytics provider OKLink, the Bitkeep exploit that occurred on December 26 used phishing sites to trick users into downloading fake wallets.

According to the report, the attacker created several fake Bitkeep websites that contained an APK file that appeared to be version 7.2.9 of the Bitkeep wallet. Users’ private keys or seed words were stolen and sent to the attacker when they “updated” their wallets by downloading the malicious file.

The report did not specify how the malicious file obtained the users’ unencrypted keys. However, as part of the “update,” it could have simply asked users to re-enter their seed words, which the software could have logged and sent to the attacker.

After obtaining the users’ private keys, the attacker unstood all assets and drained them into five wallets under the attacker’s control. They then attempted to cash out some of the funds via centralised exchanges, sending 2 ETH and 100 USDC to Binance and 21 ETH to Changenow.

The attack took place across five networks: BNB Chain, Tron, Ethereum, and Polygon, with BNB Chain bridges Biswap, Nomiswap, and Apeswap used to connect some of the tokens to Ethereum. The attack stole more than $13 million in cryptocurrency.

It is unclear how the attacker persuaded users to visit the bogus websites. The BitKeep official website provided a link that took users to the app’s official Google Play Store page, but it does not contain an APK file.

Peck Shield first reported the BitKeep attack at 7:30 a.m. UTC. It was initially blamed on a “APK version hack.” According to a new report from OKLink, the hacked APK was obtained from malicious websites, and the developer’s official website was not compromised.


Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.