An Open Letter from BitKeep CEO

Dear BitKeepers,

I hope this letter finds you well.
I am Kevin, the CEO of BitKeep.

As you might know, BitKeep was hacked on Dec 26, just one day after Christmas. Now 50 hours have passed, we have enough information available to give you a clear and sincere explanation.
In the past 2 days, I have led the team to take a series of countermeasures to protect our users from further losses and pinpoint the root cause of this mishap. We have made some progress so far: We managed to trace the addresses used in the theft and some of the stolen funds are frozen. All these, of course, are done with the support of our dear users and our partners. We are actively working to recover user losses.

In this large-scale malicious attack, the hacker exploited and hijacked BitKeep App 7.2.9 APK on our website. With maliciously implanted code, the altered APK led to the leak of user’s private keys and enabled the hacker to move funds.
There is no security issue for the BitKeep official app installed via Google Play, iOS App Store and Google chrome. However, if you have downloaded BitKeep 7.2.9 APK on BitKeep website or updated it to this version via website or in the app, I’d like to urge you to download a new app via the official store, generate a new wallet address and move your funds, because there’s a chance that your private key is leaked due to this hijacked APK in question.

The BitKeep team has taken the following actions since yesterday:
On the one hand, we have contacted the SlowMist team and other security specialists in the industry to track the stolen funds, and we have locked and frozen part of the taken tokens; on the other hand, we asked our dear users to report their losses to develop a redemption list as well as to map the whole incident on a timeline.
So far, we’ve collected some vital facts about the hijack and we’ll keep you posted via our official Twitter account.

The whole BitKeep team and I are pulling all strings we can and going to great lengths to recover the stolen assets. This and compensating the victimized users are our top priorities now. We also have a new security strategy planned to restructure and upgrade our technical solution as security is the cornerstone of the whole BitKeep business. If you have suffered any loss in this incident, we’re very sorry. But please don’t worry, because I assure you that we will give you a satisfying solution.

In the end, I just want to send this message to our valued users, our dear colleagues, and our loyal partners: we are committed to making BitKeep the greatest crypto wallet and will never flinch because of the challenges along the way. And we will for sure deliver BitKeep users the peace of mind they deserve. After all, it’s our vision to build the safest wallet for all Web3 dwellers.

In the New Year of 2023, you will witness the birth of a stronger and more secure BitKeep. You can count on me.

Sincerely,
Kevin, BitKeep CEO