Renowned crypto tracking app CoinStats has provided additional information about the security incident that occurred in June. The company revealed that a sophisticated attacker, believed to be affiliated with a nation-state, managed to access the private keys of 1,590 CoinStats wallets. This resulted in the theft of around $2.2 million worth of cryptocurrency. 

The Attack

In a detailed incident report, the crypto tracking platform attributed the attack to the infamous Lazarus Group or a similarly supported nation-state hacking entity. According to the announcement, the breach was executed through a series of unauthorized intrusions across multiple services, some of which were external to CoinStats. This method enabled the attacker to compromise the storage of private keys, a critical vulnerability that led to the big theft.

CoinStats immediately warned its users in June to transfer funds out of wallets created on its platform after the attacker hijacked the platform. This step was important in preventing further losses. Despite the breach affecting only 1.3% of all CoinStats wallets, the impact was big enough to prompt an overhaul of the platform’s security infrastructure.

Experts, including blockchain investigator ZachXBT and MetaMask principal security researcher Taylor Monahan, are actively tracing the stolen funds. Additionally, the incident has been reported to law enforcement agencies.

Rebuilding

In response to the breach, CoinStats has completely rebuilt its platform environment. It ensures that no components of the old infrastructure were reused. The company also contracted new infrastructure auditors to guarantee the integrity and security of the new setup. As of now, the platform is fully operational again.

Notably, CoinStats has found no evidence of user data being stolen. It has cautioned users to remain vigilant against potential phishing attacks targeting CoinStats-related email addresses.

To support affected users, CoinStats has set up a form for victims to identify themselves. The deadline for submission is August 15. However, the company has not disclosed specific details regarding the reimbursement of stolen funds.

The CoinStats breach is part of a larger trend of increasing attacks on cryptocurrency platforms. According to a recent report by blockchain research firm TRM Labs, hackers stole crypto assets valued around $1.4 billion in the first half of this year. This figure is more than double the $657 million stolen during the same period in the last year.

The post CoinStats Links June Security Breach to Nation-State Hackers appeared first on Latest News and Insights on Blockchain, Cryptocurrency, and Investing.