CoinStats, a prominent cryptocurrency portfolio manager, has experienced a security breach impacting 1,590 of its crypto wallets. The company promptly responded by suspending user activity to mitigate further damage and isolate the incident. This breach underscores the persistent vulnerabilities in the crypto industry, despite ongoing efforts to enhance security measures.
Immediate Response and Mitigation Efforts
On June 22, CoinStats notified users via an X post about the security breach, revealing that only 1.3% of all CoinStats wallets were affected. The company reassured users that none of the connected wallets and centralized exchanges (CEXes) were impacted. “The attack has been mitigated, and we have temporarily shut down the application to isolate the security incident,” CoinStats stated.
The platform offers users the ability to connect all their crypto wallets, serving as an overall portfolio tracker. CoinStats emphasized that it requests read-only access to connected wallets, suggesting that users’ holdings remain safe under any conditions.
Details of the Security Breach
CoinStats published a Google document listing the affected wallets, advising users to transfer their funds immediately using their exported private keys. The platform also warned users to be cautious of scammers who might exploit the situation by pretending to offer assistance.
The breach led to scam notifications being sent to users’ mobile devices, claiming they had won a prize of 14.2 ETH in a rewards competition. These phishing notifications directed users to log into the CoinStats AirScout wallet, leading them to a malicious website. Both iOS and Android users reported receiving these scam notifications.
Community Reactions and Warnings
Despite CoinStats’ assurances, some users reported losses in their externally connected wallets, such as Trust Wallet and Coinbase Wallet. For instance, a Reddit user with the pseudonym Sony Erickson claimed their Ethereum in Trust Wallet was transferred without permission after being connected to CoinStats.
Conclusion
The recent security breach at CoinStats highlights the importance of vigilance and robust security measures in the cryptocurrency space. Users are urged to take immediate action to secure their funds and remain wary of potential scams. As the investigation progresses, CoinStats promises to keep its users informed and to implement stronger security protocols to prevent future incidents.