Bitkeep exploit uas tshwm sim thaum Lub Kaum Ob Hlis 26 siv phishing qhov chaw los dag cov neeg siv mus rub cov hnab nyiaj cuav, raws li mus rau ib daim ntawv qhia los ntawm blockchain analytics tus kws kho mob OKLink.
Daim ntawv tshaj tawm tau hais tias tus neeg tawm tsam teeb tsa ntau lub vev xaib Bitkeep cuav uas muaj cov ntaub ntawv APK uas zoo li version 7.2.9 ntawm Bitkeep hnab nyiaj. Thaum cov neeg siv "hloov kho" lawv lub hnab nyiaj los ntawm rub tawm cov ntaub ntawv tsis zoo, lawv cov yuam sij ntiag tug lossis cov lus cog tau raug nyiag thiab xa mus rau tus neeg tawm tsam.
【12-26 #BitKeep Hack Event Summary 】
1 / nRaws li OKLink cov ntaub ntawv, cov tub sab nyiag tau koom nrog 4 chains BSC, ETH, TRX, Polygon, OKLink suav nrog 50 tus neeg nyiag khoom chaw nyob thiab tag nrho Txns ntim tau txog $ 31M.
— OKLink (@OKLink) Hlis ntuj nqeg 26, 2022
Daim ntawv tshaj tawm tsis tau hais tias yuav ua li cas cov ntaub ntawv tsis zoo nyiag cov neeg siv cov yuam sij hauv ib daim ntawv tsis raug cai. Txawm li cas los xij, nws tsuas yog hais kom cov neeg siv rov nkag lawv cov lus cog lus ua ib feem ntawm "hloov tshiab," uas software tuaj yeem nkag mus thiab xa mus rau tus neeg tawm tsam.
Thaum tus neeg tawm tsam muaj cov neeg siv cov yuam sij ntiag tug, lawv tau tshem tawm tag nrho cov khoom muaj nqis thiab muab tso rau hauv tsib lub hnab nyiaj raws li tus neeg tawm tsam tswj. Los ntawm qhov ntawd, lawv sim rho tawm qee cov nyiaj uas siv cov kev sib pauv hauv nruab nrab: 2 ETH thiab 100 USDC raug xa mus rau Binance, thiab 21 ETH raug xa mus rau Changenow.
Qhov kev tawm tsam tau tshwm sim thoob tsib lub network sib txawv: BNB Chain, Tron, Ethereum, thiab Polygon, thiab BNB Chain txuas hniav Biswap, Nomiswap, thiab Apeswap tau siv los txuas qee qhov tokens rau Ethereum. Nyob rau hauv tag nrho, ntau tshaj $ 13 lab tus nqi ntawm crypto raug coj mus rau hauv qhov kev tawm tsam.
Related: Defrost v1 hacker tshaj tawm rov qab cov nyiaj raws li 'tawm kev dag ntxias' cov lus sib liam
Nws tseem tsis tau paub meej tias tus neeg tawm tsam tau ntxias cov neeg siv mus saib cov vev xaib cuav li cas. Lub vev xaib raug cai rau BitKeep muab qhov txuas uas xa cov neeg siv mus rau nplooj ntawv Google Play Store rau lub app, tab sis nws tsis nqa ib qho APK file ntawm app txhua.
BitKeep nres yog ua ntej tshaj tawm los ntawm Peck Shield ntawm 7:30 sawv ntxov UTC. Thaum lub sij hawm, nws tau liam rau ntawm "APK version hack." Daim ntawv tshaj tawm tshiab no los ntawm OKLink qhia tias hacked APK los ntawm qhov chaw phem, thiab tias tus tsim tawm lub vev xaib tseem tsis tau ua txhaum cai.
Tau qhov twg los: https://cointelegraph.com/news/bitkeep-exploiter-used-phishing-sites-to-lure-in-users-report