CoinStats, the popular crypto portfolio app, recently experienced a security incident and temporarily shut down its application to address the breach. The company reported that 1,590 wallets, or 1.3% of all CoinStats wallets, were affected. However, connected wallets and centralized exchanges were not impacted. CoinStats is currently investigating a scam notification that some iOS and Android users received.
In response to the breach, CoinStats advised users with affected wallets to move their funds immediately using their exported private keys if they had them previously exported. The company provided a link to the list of affected wallets and stated that the list may be updated as the investigation progresses. CoinStats is working to resolve the issue and restore the app’s functionality as soon as possible.
The scam notification that some users received falsely claimed that they had won a 14.2 ETH reward in an event with a total pool of 200 ETH. The message directed users to log into the CoinStats AirScout wallet, which was actually a fraudulent Drainer website. CoinStats apologized for the inconvenience caused by the scam and assured users that updates would be provided as more information becomes available.
While the cause of the attack has not been publicly disclosed by CoinStats, there are concerns about whether private keys were stored on their server and the randomness of wallets generated within the app. The targeted wallets were all CoinStats-generated, leading to speculation that attackers may have gained insights into the wallet generation process. Efforts are being made to identify any potential weaknesses in the random number generation that could have been exploited by the attackers.
CoinStats acted swiftly to address the security breach by suspending the app and launching an investigation into the incident. At this time, no wallets or API connections shared with the CoinStats portfolio application appear to have been affected, but reports have surfaced of other connected wallets being drained. Users are advised to remain vigilant of unexpected competitions or rewards in the crypto space and to use hardware wallets to secure their funds.
In conclusion, CoinStats is actively working to resolve the security breach and restore the functionality of its application. The company is committed to providing updates to users as more information becomes available. In the meantime, users are encouraged to take precautions to protect their crypto assets and remain cautious of potential scams in the crypto community.