CoinStats, the crypto portfolio app, has temporarily suspended its application to address an issue security incident. The company stated that the breach was limited to 1,590 wallets or 1.3% of all CoinStats wallets. The company reported that connected wallets and centralized exchanges (CEXs) were unaffected. CoinStats is also investigating a scam alert that some iOS and Android users have received.
Author’s Note: As a long-time supporter of CoinStats, I personally had limited funds in a CoinStats wallet generated around 2022. This money was taken from the wallet, which was not connected to third-party apps, about 1.5 hours before the notification scam. was sent to users. Funds from both Ethereum and Polygon wallets are now with the attacker.
CoinStats stated that the list of affected wallets may be updated as the investigation continues, but no significant changes are expected. Users with affected wallets are advised to immediately move their funds using their exported private keys if they have been previously exported. CoinStats provided one link to the list of affected wallets.
Scam notification promoting 14.2 ETH price to users
The scam notification falsely notified users of a reward and instructed them to log into the CoinStats AirScout wallet. The link took users to a Drainer website, which was promoted via a CoinStats push notification and an official in-app notification on the app’s home screen. The company is investigating the issue and has apologized for the inconvenience. It assures users that updates will be provided as soon as possible.
The notification falsely congratulated recipients for winning a reward of 14.2 ETH in an event with a total pool of 200 ETH. The post also stated that the event would celebrate CoinStats’ over 2 million users and the launch of CoinStats AirScout, and incorrectly stated that users’ crypto had been transferred to the CoinStats AirScout Wallet.
The company is actively investigating the extent of the compromised funds and will provide updates as more information becomes available. Efforts are being made to restore the app’s functionality as quickly as possible, and CoinStats has expressed its gratitude for users’ patience during this period.
CryptoSlate contacted CoinStats shortly after the notification was sent but has not received a response.
Possible causes of the private key breach
While CoinStats has not yet publicly released any insights into what caused the attack, the incident may raise concerns about whether private keys are stored on their server and the randomness of the wallets generated from the app, especially since only through CoinStats generated wallets appear to have these. specifically targeted and disposed of.
The attackers’ ability to access the server and send a malicious push notification suggests that they may have also gained insight into the wallet generation process. Any weaknesses in random number generation used at the time could have allowed attackers to predict private keys and compromise user funds.
No wallets or API connections shared with the CoinStats portfolio application appear to be affected at this time. However, some users have reported that other wallets connected to use DeFi features have been emptied. These have not been confirmed by CoinStats at this time.
CoinStats acted quickly and removed access to the application within hours of the incident. At the time of writing, the app remains offline while the investigation is ongoing.
As always, stay vigilant for any surprise cryptocurrency contests or rewards and use hardware wallets to secure crucial funds.
The post CoinStats Suspends App After Security Breach Compromised 1,590 Wallets appeared first on CryptoSlate.