CoinStats suspends app after security breach compromises 1,590 wallets

Share This Post

CoinStats, the crypto portfolio app, has temporarily shut down its application to address a security incident. The company stated the breach was limited to 1,590 wallets or 1.3% of all CoinStats Wallets. The company reported that connected wallets and centralized exchanges (CEXes) were unaffected. CoinStats is also investigating a scam notification some iOS and Android users received.

Author’s note: As a long-time supporter of CoinStats, I personally had limited funds in a CoinStats wallet generated around 2022. These funds were moved out of the wallet, which was not connected to any external apps, around 1.5 hours before the notification scam was sent to users. Funds from both Ethereum and Polygon wallets are now with the attacker.

CoinStats stated that the list of affected wallets may be updated as the investigation progresses, but significant changes are not expected. Users with affected wallets are advised to move their funds immediately using their exported private keys if they were previously exported. CoinStats provided a link to the list of affected wallets.

Scam notification promoting 14.2 ETH prize to users

The scam notification falsely informed users of a reward and directed them to log into the CoinStats AirScout wallet. The link pointed users to a Drainer website, which was promoted via a CoinStats push notification and official in-app notification on the app’s home screen. The company is looking into the issue and has apologized for the inconvenience, assuring users that updates will be provided as soon as possible.

The notification falsely congratulated recipients on winning a 14.2 ETH reward in an event with a total pool of 200 ETH. The message also mentioned that the event was to celebrate exceeding 2 million CoinStats users and the launch of CoinStats AirScout, and it falsely stated that users’ crypto had been transferred to the CoinStats AirScout Wallet.

The company is actively investigating the extent of the compromised funds and will issue updates as more information becomes available. Efforts are underway to restore the app’s functionality as swiftly as possible, and CoinStats has expressed gratitude for users’ patience during this period.

CryptoSlate reached out to CoinStats moments after the notification was sent but has not received a response.

Potential causes of the private key breach

While CoinStats has not yet publicly disclosed insights into the cause of the attack, the incident may raise concerns about whether private keys were stored on their server and the randomness of wallets generated from within the app, especially since only CoinStats-generated wallets appear to have been specifically targeted and drained.

The attackers’ ability to access the server and send a malicious push notification suggests that they may also have gained insights into the wallet generation process. Any potential weaknesses in the random number generation used during that time could have allowed attackers to predict private keys and compromise user funds.

No wallets or API connections shared with the CoinStats portfolio application appear to have been affected at this point. However, some users have reported that other wallets that were connected to utilize DeFi features have been drained. These are unconfirmed by CoinStats at this time.

CoinStats acted swiftly and removed access to the application within hours of the incident. As of press time, the app remains down while the investigation is ongoing.

As always, stay vigilant of any surprise competitions or rewards across crypto and use hardware wallets to secure critical funds.

The post CoinStats suspends app after security breach compromises 1,590 wallets appeared first on CryptoSlate.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Bitcoin Price Forms Bullish Symmetrical Triangle, Crypto Analyst Says Next Stop Is $100,000

The Bitcoin price movements have recently formed a bullish symmetrical triangle pattern, a technical indicator that often precedes significant upward momentum This pattern formation has come amidst a

Why is Bitcoin Price Up Today? Bulls Break $92k, Eye $100k Next

The post Why is Bitcoin Price Up Today Bulls Break $92k, Eye $100k Next appeared first on Coinpedia Fintech News Bitcoin is nearing an important Fibonacci level on its price chart, with experts

US Space Force Major Applies for Military Advisor Position on Bitcoin Strategy

A US Space Force major aims to shape defense policy by advocating a national bitcoin reserve and highlighting proof-of-work technology’s role in strategic security Jason Lowery Pushes for

Solana Market Cap Hits Milestone: $400 Price Target Gains Traction

Following a price surge, Solana (SOL) reached a market valuation of nearly $117 billion for a new milestone As the blockchain ecosystem gains traction, both analysts and investors are beginning to

Exchange stablecoin ratio hits record low, fueling Bitcoin surge

The exchange stablecoin ratio (ESR) is an on-chain metric that indicates the balance of liquidity between Bitcoin and stablecoins held on exchanges The metric is calculated as the ratio of the total

The Ripple Case and Bob Stebbins: Why Pro-XRP Lawyer Warns Against His Appointment as SEC Chair

The post The Ripple Case and Bob Stebbins: Why Pro-XRP Lawyer Warns Against His Appointment as SEC Chair appeared first on Coinpedia Fintech News The race for the next SEC Chair has some big names,