An anonymous cybercriminal on Monday stole $1 million in Binance Coin (BNB) tokens from multi-chain wallet BitKeep’s token swap service, before routing the funds through the U.S. government-sanctioned transaction privacy tool Tornado Cash, according to a Twitter thread today by BitKeep.

Customers affected by the attack have been told they will be made good on their losses. 

Meanwhile, all other customer wallets are “secured,” allegedly; BitKeep has assured people that yesterday’s attack has been successfully contained. 


The company gave a partial roadmap outlining next steps. BitKeep’s token swap service has been frozen and the company plans to add “a wallet safety assurance feature and along with it a one-tap repair feature,” according to the thread.

BitKeep is also liaising with relevant security agencies to find the attacker and recover the funds. 

A specific reimbursement plan was published earlier today on the company’s blog, reiterating the company’s commitment to 100% remuneration and announcing the launch of a “compensation portal” within the next three days. 

BitKeep and crypto hacks

We're only sixteen days into October, and the month has already been the biggest for crypto hacks in what is turning out to be the worst year of all time for hacking. 


In fact, last week was the worst week so far, with four hacks occurring in a single day on Tuesday. Of the four, Solana-based crypto trading platform Mango Markets was the biggest; it was drained of $100 million.

In his negotiation proposal to Mango, the attacker appeared to be working in the interest of Mango’s depositors, citing “bad debt” from a bailout executed by Mango Markets and Solend back in June. 

He later doxxed himself as one Avraham Mayer Eisenberg of New York—who has allegedly milked millions from crypto exploits before. Eisenberg said that for his latest exploit, he was working as part of a bigger organization and claimed their actions were legal.


Blockchain bridges, which connect different blockchain ecosystems, have become a common target among crypto hackers this year. Earlier this year, Axie Infinity developer Sky Mavis was the target of one of the largest hacks of all time. 

On March 23, the attackers drained 173,600 Ethereum and 25.5 million USDC stablecoins from the bridge connecting Sky Mavis’s custom Ronin sidechain to Ethereum. The historic $622 million theft wasn’t discovered until March 29, however.

This month, attackers were able to steal $100 million in cryptocurrencies from a cross-chain bridge between BNB Beacon Chain and BNB Smart Chain.

Last weekend, Japan’s National Police and Financial Services Agencies released a joint statement announcing that North Korea’s state-sponsored cybercriminal group Lazarus has attacked several Japanese crypto firms. 

In April, Lazarus was connected to the historic $622 million attack on Sky Mavis’s Ethereum sidechain Ronin.


As the crypto industry scales, so too does this dark underbelly of criminal hackers and opportunists. Many are looking to regulators for help containing, reducing, and preventing blockchain-targeted crimes.

Stay on top of crypto news, get daily updates in your inbox.