CoinStats reports a security breach affecting in-app wallets, assuring users that externally connected wallets and CEXs are unaffected.
A security incident that affected wallets created directly within the app was reported by CoinStats on June 22. The organization guarantees that centralized exchanges (CEXs) and wallets that are externally connected will not be affected.
Users who have exported their private keys were advised to promptly transfer their funds, according to CoinStats. Refer to the following.
Only 1,590 of all CoinStats wallets, or 1.3%, were compromised, according to the CoinStats team.
While it is possible that the list of wallets that are affected may evolve as the investigation progresses, substantial modifications are not anticipated.
In order to conduct a comprehensive investigation of the incident, CoinStats has temporarily suspended user activity and disabled the application. The company has reassured users that the attack has been contained and will continue to provide updates as additional information becomes available.
The fraudulent notifications were sent to iOS and Android users by the bad actors, who fraudulently promised rewards and encouraged them to access the CoinStats AirScout wallet, as a result of the hack.
Users were directed to a drainer website by clicking on the link, which was advertised through a push notification from CoinStats and an official in-app alert on the home screen.
The incident has raised concerns regarding the security of private keys stored on the company’s server and the randomness of wallets generated within the app, despite the fact that the cause of the attack had not been disclosed.
CoinStats also uploaded a Google document that included a comprehensive inventory of all crypto wallets that were impacted by the attack. It is recommended that owners whose wallet addresses are included in this list promptly relocate their funds using the exported private keys.
The company is currently conducting an active investigation into the extent of the funds that have been transferred and will provide updates as soon as feasible. Coinstat expressed its appreciation for the users’ forbearance during this time.
The cryptocurrency community has been jolted by the security compromise, prompting industry professionals to caution victims against fraudulent rescue efforts.