Popular crypto portfolio tracker CoinStats released a detailed report on its June security incident, revealing a more sophisticated attack than initially suspected.
Nation-State Attackers Eyed in Multi-Million Dollar Theft
According to CoinStats, a “sophisticated (and we believe nation-state affiliated) attacker” gained access to private keys, resulting in the theft of roughly $2.2 million in cryptocurrency from 1,590 CoinStats wallets. This constitutes only 1.3% of all CoinStats wallets, the company clarified.
The report points towards the Lazarus Group or a similar state-backed hacking group as potential culprits. The attackers reportedly compromised “multiple services” involved in CoinStats’ private key storage, suggesting a multi-pronged approach.
Tracing Ongoing, Law Enforcement Notified
CoinStats assures users that the stolen funds are being tracked by security experts like ZachXBT and MetaMask’s Taylor Monahan. Additionally, the attack has been reported to law enforcement.
Platform Restored, User Data Potentially at Risk
CoinStats has rebuilt its platform environment “ensuring no parts of the old infrastructure” are used. However, the report warns users to remain vigilant against potential phishing attacks on CoinStats-related email addresses. While CoinStats claims user data wasn’t compromised, caution is still advised.
A form has been set up for affected users to identify themselves by August 15th for “any future support from the CoinStats team.” However, the company remains silent regarding specific details on reimbursing stolen funds.
A Concerning Breach with Unanswered Questions
This update from CoinStats sheds light on a serious security breach. While the platform is back online and user data appears safe for now, the lack of clear communication regarding stolen fund reimbursement raises concerns. CoinStats users are advised to remain vigilant and wait for further updates on potential compensation.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
About The Author
