- CoinStats has disclosed that more than 1,500 crypto wallets were affected during its recent security breach
- The wallets lost roughly $2 million with close to half of the amount siphoned from only two wallets
- The platform temporarily halted all services to prevent further losses
CoinStats, a crypto portfolio manager, has disclosed that only a small amount of funds, roughly $2 million, was siphoned from 1,590 wallets affected by its recent security breach. The firm said that most of the drained funds came from two wallets that “imported their seed phrases to CoinStats Wallet.” CoinStats said it’s working to re-activate all services in a matter of hours, leaving the community speculating whether the breach was due to an upgrade or a private key leak.
External Crypto Wallets Affected?
According to an X post by CoinStats CEO Narek Gevorgyan, the platform’s team is working non-stop “to get back production service securely,” adding that the attack didn’t affect users on iOS and Android devices.
Update on the Security Incident
The attack has been mitigated, and we have temporarily shut down the application to isolate the security incident.
1. None of the connected wallets and CEXes were impacted.
2. Thanks to the immediate incident response from the CoinStats team,…
— CoinStats (@CoinStats) June 22, 2024
The platform noted that the security breach affected crypto wallets “created directly within CoinStats” and not those connected to the platform. However, some social media users who connected their external wallets claim they also lost funds in the incident.
It did affect outside wallets. My Coinbase wallet was drained.
— James West (@jwest8585) June 22, 2024
Gevorgyan said he suspects state-sponsored North Korean malicious actors to be behind the incident. The CoinStats CEO believes that the actors are the same as the ones mentioned in an FBI warning in April.
We also have significant evidence to assume that the attack was part of this group of hacks, described by the FBI report, with ties to North Korea https://t.co/O0AHmR8i4U
— narek (@narek_gevorgyan) June 23, 2024
North Korean Hackers Targeting Crypto and Web3 Projects
According to the FBI, Lazarus Group, APT38, BlueNoroff and Stardust Chollima, which are all North Korean groups, are increasingly targeting crypto and web3 projects like exchanges, NFTs and games.
The FBI also recently warned of crypto scammers offering fake work-from-home jobs to steal crypto from unsuspecting job seekers. Malicious actors are also creating DeFi protocols intending to steal deposited funds.
With wallets connected to CoinStats allegedly affected by the security breach, the amount drained is likely to be more than the $2 million initially reported.