Posted inNews

BitKeep remains on track to fully compensate victims of $8M APK exploit

March 2, 2023No Comments


According to an official Telegram statement on March 1, Singaporean cross-chain crypto wallet developer BitKeep says it has refunded 50% of user assets lost during a security breach that originated on December 26. 2022. On the date of the incident, a estimated $8 million was stolen by hackers after BitKeep's APK 7.2.9 (Android Package Kit) installation package was hijacked and swapped. Users who downloaded the malware subsequently had their private keys compromised, leading to asset theft.

As told by BitKeep, a total of 6,731 verified addresses were breached during the incident. The firm has since completed reimbursement of 50% of the stolen assets at the affected addresses, with "expedited processing" for the remaining 50% of the funds. BitKeep says that it will complete its compensation plan ahead of schedule and release the remaining funds within two weeks.

In a statement to Cointelegraph, a BitKeep spokesperson said that the company has yet to recover any remaining assets through law enforcement efforts, and that all refunds "are currently coming out of the company's own pockets, including which will be completed in the near future". As said by the spokesperson:

"BitKeep is adamant about the security of user assets and that is why we have stepped up to take responsibility for all damages as a result of the incident. User losses are being offset by BitKeep's revenue in 2022 and its Safe Assets Fund, and we will complete all repayments in March. Finally, we would like to express our gratitude to our users for their trust and support, as well as to our partners for working with us to overcome recent challenges."

On December 29, three days after the incident, BitKeep announced that it had alerted the police and would refund 100% of user losses. The wallet currently has more than 8 million users worldwide. Last May, the firm raised $15 million in its Series A at a $100 million valuation.