CoinStats Security Breach Overview
CoinStats, a leading cryptocurrency portfolio management platform, recently experienced a security breach that impacted a portion of user wallets. On June 22, the company reported that wallets created directly within the app were affected, prompting them to advise users with exported private keys to transfer their funds as a precaution. It is important to note that externally connected wallets and centralized exchanges (CEXs) were not affected by this incident.
CoinStats Security Measures and Containment
Following the security incident, CoinStats quickly took action to mitigate the attack and temporarily shut down the application to isolate the issue. The company confirmed that only 1,590 wallets, accounting for 1.3% of all CoinStats wallets, were affected. While the investigation is ongoing, significant changes to the list of affected wallets are not anticipated. CoinStats has assured users that the breach has been contained, and they are actively working on providing updates and resolving the situation.
Impact of the CoinStats Security Breach
The security breach allowed malicious actors to send fraudulent notifications to iOS and Android users, enticing them with false rewards and prompting them to access the CoinStats AirScout wallet. Clicking on the provided link led users to a malicious website, raising concerns about the security of private keys stored on the company’s server and the randomness of wallets generated within the app. CoinStats has uploaded a document listing the affected crypto wallets and advised owners to transfer their funds promptly using exported private keys. As the investigation progresses, CoinStats continues to investigate the extent of the funds moved and urges users to remain vigilant against potential fraudulent activities.
