Hacker Steals $1 Million From Multi-Chain Crypto Wallet BitKeep
BitKeep’s token swap service was attacked on Monday by an unknown hacker.
The multi-chain crypto wallet was robbed of $1 million in crypto tokens. The users who were robbed had endorsed their tokens on BitKeep’s exchange service – called an exchange router – on BNB Chain and Polygon.
Reports said the stolen funds were later dispersed through Tornado Cash’s crypto mix to avoid being tracked.
The team tweeted, “BitKeep Swap was hacked, and our development team has managed to contain the emergency and stopped the hacker. The attack was directed at the BNB chain, causing a loss of around $1 million.”
The hacker was able to seize users’ funds by exploiting a previously contained logic flaw that allowed them to make a malicious call.
The exploit was exposed to the hacker when BitKeep’s exchange contract lacked input validation, further allowing the hacker to falsify input values. It reveals that the hacker was able to make illegitimate exchanges from addresses that had approved to use BitKeep’s exchange routes.
Victims of the exploit will be refunded, according to BitKeep.
“BitKeep will launch a compensation portal within 3 business days for all victims to apply for refunds,” Bitkeep said.
Other recent hacks
Although small compared to other hacks, the BitKeep hack is another case of exploits that have hit the crypto sector this month.
In accordance Chain analysisIn October alone, more than $700 million has been lost across more than a dozen notable businesses.
The latest high-profile hack was witnessed by Mango Markets, which came less than a week after Binance’s BNB blockchain’s $80 million hack.
A hacker has stolen 100 million dollars from Mango Markets at the beginning of October.
The trading and lending platform on the Solana blockchain was exploited after manipulating the price of Mango Market’s original MANGO token via an oracle price manipulation attack.
According to Blockchain.News, Mango Markets confirmed via a tweet that the company had begun investigating the matter. “We are currently investigating an incident where a hacker was able to siphon money from Mango via oracle price manipulation. We are taking steps to have third parties freeze funds in flight,” the tweet said.
The hacker’s wallet was funded from an FTX exchange account.
According to blockchain security firm Hacken’s tweets, the hacker first opened a huge futures position, which resulted in the MANGO token price pump. It further increased the security value of the hacker’s account and gave access to borrow a large debt position across multiple coins on Mango Market’s borrowing and lending platform.
According to Hacken, the hacker was then able to borrow and steal approximately $114 million across different tokens since the price of the tokens and their security was manipulated much higher.
It is yet to be understood how, exactly, the hacker was able to inflate MNGO’s value in the eyes of the Mango protocol, according to Robert Chen of blockchain auditors OtterSec.
While in Binance’s BNB blockchain hack case, $80 million worth of Binance Coins (BNB) were stolen after an exploit occurred on a bridge between blockchains.
According to Chainalysis, total crypto crime revenue in the first half of this year was $1.6 billion, less than the figure recorded in the first half of 2021. The fall in crypto crime numbers has coincided with a fall in crypto values. However, some forms of cryptocrime have risen in the past year, such as the value of hacked cryptoassets increasing from $1.2 billion to $1.9 billion.
While Bloomberg reported that around $2 billion had been lost in crypto hacks this year, many of those hacks were carried out by North Korea-linked groups, and cross-chain bridges used to transfer tokens across blockchains have been a popular target.
Image source: Shutterstock
