Cryptocurrency portfolio management app CoinStats has temporarily shut down its app to address a security breach that affected 1,590 wallets.
According to CoinStats, the number of affected wallets only accounts for 1.3% of all wallets, and the centralized exchanges (CEX) connected to these wallets were not affected.
Emergency security operations launched to address security breaches
Cryptocurrency portfolio management app CoinStats has urgently suspended its services due to a security incident. The incident affected 1,590 user wallets, accounting for 1.3% of the total number of CoinStats wallets. Fortunately, the centralized exchanges connected to these wallets were not affected by the security breach. At the same time, CoinStats is currently investigating scam notifications received by some iOS and Android users.
As a long-term user of CoinStats, some users said that there was still a small amount of funds in the CoinStats wallet created in 2022. Unfortunately, these funds had been transferred out about 1.5 hours before the fraud notification was sent to the user, and the wallet was not connected to any external application. At present, the assets in the user's Ethereum and Polygon wallets have been stolen by the attacker.
At the same time, CoinStats said that as the investigation deepens, the list of affected wallets may be updated, but they do not expect the changes to be significant. CoinStats recommends that users whose wallets are affected by this security incident immediately use the previously exported private keys to transfer funds to a safe place, and provides a link list containing a list of affected wallets.
CoinStats fraud notification incident investigation
CoinStats has released the results of a recent investigation into a scam that initially involved users receiving a scam notification email that claimed they had won a 14.2 ETH bonus and induced them to log in to their CoinStats AirScout wallet.
In reality, the link directed users to a website called Drainer, which used CoinStats’ push notifications and official messages within the app to mislead users into thinking it was an official CoinStats event.
The scam notification faked a congratulation from CoinStats, claiming that the user had won a grand prize of 14.2 ETH in a total prize pool of 200 ETH. The notification also mentioned that this so-called event was to celebrate CoinStats's user base exceeding 2 million and the launch of CoinStats AirScout, and falsely claimed that the user's cryptocurrency had been transferred to the CoinStats AirScout wallet.
Meanwhile, CoinStats is actively investigating the scale of the stolen funds and promises to release updates as more information becomes available. The company is working to restore the normal functionality of the application and thanks its users for their patience during this time.
After the scam notification was issued, some media immediately tried to contact CoinStats, but no response has been received so far. At the same time, CoinStats said it is investigating the scam, apologizes for the inconvenience caused to users, and promises to provide further updates as soon as possible.
Exploring possible causes of private key leakage
Although CoinStats has not yet announced the specific cause of the attack, the incident has raised concerns about the security of private key storage and the randomness of wallet generation within the application. In particular, it seems that only wallets generated through CoinStats were targeted in this targeted attack, which further deepens these concerns.
The fact that the attackers were able to compromise the server and send malicious push notifications suggests that they may have mastered the wallet generation mechanism. If there are some potential flaws in the random number generation used in the wallet generation process, the attackers may be able to use these weaknesses to predict the user's private key and steal funds.
Currently, wallets or API connections shared with the CoinStats portfolio app do not appear to have been affected by the incident. However, some users have reported that funds connected to other wallets that use decentralized finance (DeFi) features have been withdrawn, although these cases have not been officially confirmed by CoinStats.
CoinStats responded quickly to the incident and suspended access to the app within a short period of time. As of the time of publication, the app remains unavailable while the investigation continues.
As always, investors should remain vigilant regarding any unexpected contests or rewards that arise in the cryptocurrency space. To protect important funds, it is recommended to use a hardware wallet as a secure storage solution. #CoinStats #安全漏洞 #入侵 #钱包被盗
Conclusion
The CoinStats security breach reminds cryptocurrency users and industry practitioners that security is always a sword of Damocles hanging over their heads. Although CoinStats took quick action to respond to the crisis, the incident still highlights the fragility of the cryptocurrency ecosystem. As the investigation deepens, we expect CoinStats to transparently disclose the details of the incident and provide users with clear explanations and remediation measures.
At the same time, this incident also highlights the need for individuals to take additional security precautions when managing crypto assets, including using more secure storage solutions such as hardware wallets. This is a difficult moment for CoinStats and its users, but it is also an opportunity to strengthen security awareness and improve system protection capabilities. We look forward to CoinStats recovering from this experience and rebuilding user trust, while providing valuable security lessons for the entire industry.
