News

CoinStats says North Korean hackers breached 1,590 crypto wallets

Published

7 months ago

on

CoinStats has suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean criminals.

CoinStats is a comprehensive cryptocurrency portfolio management app with 1,500,000 users. It is used for investment monitoring, real-time data, news aggregation and customized alerts. It also allows users to create CoinStats wallets, hosted by the platform.

For users who wish to use wallet management features, the platform requires read-only access to connected external crypto wallets and were not affected by the breach.

However, users who hosted their wallets on CoinStats were potentially affected by the hack.

In an announcement on X yesterday, CoinStats told users that it had suffered a cyber attack that affected 1,590, or 1.3%, of all wallets hosted on the platform.

The company shared a list of affected wallets on this spreadsheetbut some reported by users that funds were stolen from wallets that were not on this list. Therefore, the actual scope of the incident may be more significant than what CoinStats verified.

Those who find their wallet address on the list and still contain funds are advised to immediately transfer them to an external wallet.

While the hack is ongoing, the CoinStats website and app remain unavailable as the company investigates and mitigates the attack.

The attack had no impact on users’ connected wallets and centralized exchanges, so it is safe for people to continue using them.

While the investigation is ongoing, the CEO of CoinStats said on X that he has significant evidence to suggest that North Korean hackers carried out the attack, sharing a CISA document about the North Korean hacker group Lazarus.

The Lazarus Group is believed to be a state-sponsored hacking group known for carrying out massive cryptocurrency thefts over the years, targeting cryptocurrency platforms.

In late 2023, Recorded Future estimated that North Korean state-backed hackers he had stolen 3 billion dollars value of cryptocurrencies as of January 2017, which equates to approximately $500,000,000 per year.

Scammers are already attempting to take advantage of the CoinStats breach by promoting fake refund programs in responses to the official X announcement, using unverified accounts with typosquatting handles, such as “@CoinStals.”

Fake refund ad from scammers
Source: BleepingComputer

Scammers attempt to trick users into visiting a cloned site that requires them to link their wallets to receive a refund, which is then drained of all assets.

At the time of writing, the official CoinStats platform has not announced a refund program, so all related requests should be viewed as scams and ignored.

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version