BitKeep, a Singapore-based cross-chain encryption wallet developer, stated that in a security breach on December 26, BitKeep’s APK 7.2.9 (Android Package Kit) installation package was hijacked, and it has compensated 50% of the user’s asset loss. Users who downloaded the malware later discovered that their private keys had been compromised, resulting in the theft of an estimated $8 million worth of user assets.
A total of 6,731 verified addresses were compromised during the incident, according to a March 1 statement from Bitkeep’s official Telegram account. The company has since completed repaying 50% of the stolen assets from the affected addresses and is “fast-tracking” the remaining 50% of funds. BitKeep stated that it will complete the compensation plan ahead of schedule and release the remaining funds within two weeks.
According to Cointelegraph: A spokesperson for BitKeep stated that the company has not pursued law enforcement efforts to recover the remaining assets and that all reimbursements “are currently out of the company’s own pockets, including those that will be completed in the near future.” According to the spokesperson: “BitKeep is adamant about the safety of users’ assets and that is why we have stepped up to take responsibility for all damages as a result of the incident. Users’ losses are being compensated by BitKeep’s 2022 revenue and its Secure Assets Fund, and we will complete all reimbursements by March. Finally, we would like to express our gratitude to our users for their trust and support, as well as to our partners for working with us to overcome the recent challenges.”
On December 29, three days after the incident, BitKeep announced that it had notified law enforcement and would reimburse users 100% for their losses. The wallet currently has over 8 million users worldwide. Last May, the company raised $15 million in its Series A funding round at a $100 million valuation.
