• CoinStats reported a breach compromising 1,590 wallets, resulting in $2.2 million in stolen cryptocurrency.

  • The attacker accessed private keys through unauthorized intrusions across multiple services, affecting 1.3% of all CoinStats wallets.

  • CoinStats has rebuilt its platform, hired new auditors, and established a form for victims to identify themselves for potential future support.

CoinStats, a widely used cryptocurrency-tracking app, has disclosed new details about its recent security breach. In a report, the company stated that a “sophisticated (and we believe nation-state affiliated) attacker managed to access private keys of exactly 1,590 CoinStats Wallets, resulting in the theft of approximately $2.2 million worth of cryptocurrency.” 

The attack, believed to be carried out by the infamous Lazarus Group or a similar hacking entity, compromised several CoinStats services, including those beyond its direct control.

The incident report revealed that the attacker gained access through unauthorized intrusions across multiple services related to CoinStats’ storage of user-created wallet private keys. Experts like ZachXBT and Taylor Monahan, a principal security researcher at MetaMask, are tracing the stolen funds. The attack has been reported to law enforcement, and CoinStats continues to collaborate with experts to recover the stolen assets.

In June, CoinStats warned users to transfer funds from wallets created on its platform after the attacker hijacked the platform and sent fraudulent notifications to mobile users. The breach affected 1,590 wallets, representing 1.3% of all CoinStats wallets. 

Since then, CoinStats has rebuilt its platform environment entirely, ensuring the new setup’s integrity by not using any parts of the old infrastructure. The company also contracted new infrastructure auditors to secure the platform further.

CoinStats has resumed full operations and has not found evidence of user data theft. However, the report advises users to beware of potential phishing attacks targeting CoinStats-related email addresses.

 As a precaution, CoinStats has established a form for attack victims to identify themselves by August 15. This step is crucial for victims to be eligible for any future support from the CoinStats team. However, the company has not provided specific details regarding the reimbursement of stolen funds.

The CoinStats security breach highlights the growing threats to cryptocurrency platforms from sophisticated attackers. With the incident under investigation and measures in place to secure the platform, CoinStats aims to restore user confidence and ensure the safety of its users’ assets.

Read Also:

  • CoinStats Hack Raises Security Concerns: User Compensation and Platform Recovery

  • CoinStats Temporarily Shuts Down App Following Security Breach

  • DeFi Disaster: Hundred Finance Loses $7.4M in Cunning Flash Loan Attack

  • Balancer Faces Security Breach: Users Advised to Halt Interactions

  • Binance Assists BtcTurk Amid Cyber Attack and $54M AVAX Breach

The post CoinStats Security Breach Exposes $2.2 Million in Cryptocurrency appeared first on Crypto News Land.