On March 1, Singapore-based cross-chain crypto wallet developer BitKeep announced that it had refunded 50% of user funds lost in a December 26, 2022, security breach. Hackers were able to steal an estimated $8 million after hijacking and swapping BitKeep’s APK 7.2.9 Android Package Kit installation package, compromising users’ private keys. According to BitKeep, 6,731 verified addresses were affected by the breach, and the firm has already reimbursed 50% of stolen assets in those addresses with expedited processing for the remainder. The company is on track to complete its compensation plan two weeks ahead of schedule, with the remaining funds to be released shortly.
BitKeep has yet to recover the remaining assets lost in the incident and is compensating users’ losses from its 2022 revenue and its Secure Assets Fund. A company spokesperson said that all reimbursements will be completed by March, paid out of the company’s pockets.
They expressed gratitude for their users’ trust and support and to their partners for helping them through the tough times. BitKeep is committed to ensuring the safety of its users’ assets and is taking full responsibility for any damages caused by the incident.
On December 29, BitKeep officially confirmed that they had alerted law enforcement in response to the incident and declared their intention to reimburse 100% of users’ losses. At the time, BitKeep boasted 8 million users worldwide and had recently completed a successful Series A round worth $15 million in May 2020 at a valuation of $100 million.