An unknown hacker has managed to hack into BitKeep’s token swap service. BitKeep is a crypto wallet that supports multiple blockchains. Here the hacker managed to steal approximately $1 million.
$1 million in BNB tokens stolen
Approximately 3,600 BNB tokens could be stolen, which amounts to $1 million. These tokens were initially approved by the users on the BitKeep Swap service. The stolen funds were routed through crypto mixer Tornado Cash not much later in an attempt to cover up the activity. The team Tweeted the following about the hack:
BitKeep Swap has been hacked and our development team managed to control the emergency and stop the hacker. The attack targeted the BNB Chain, resulting in a loss of approximately $1 million.
Swap contract error
Reportedly, BitKeep’s swap contract contained a logical flaw that allowed the hacker to make a malicious call. This allowed the hacker to confiscate funds from the users. The vulnerability arose from the lack of input validation of the BitKeep swap contract, which allowed the attacker to spoof input values. This means that the hacker was able to illegally swap addresses that were approved to spend on BitKeep’s swap router.
According to BitKeep, all victims will be fully reimbursed. They report that a new compensation portal will be launched within 3 working days. Victims can request a refund through this portal.
Yet it is yet another hack within the crypto world. Such hacks are unfortunately becoming more and more common and this is therefore not expected to be the last crypto-related hack.