Leading cryptocurrency portfolio tracking app CoinStats has revealed details of a major security breach that resulted in the theft of approximately $2.2 million worth of digital assets.
The incident was detected on June 22, 2024, Crypto.news reported. Now, a security incident report published by CoinStats on Friday, July 12, has provided deeper insights into the breach.
We have new and important information regarding the recent security incident.
Our latest blog post provides detailed information on the progress of our investigation, steps taken and next steps: https://t.co/YnikJ3qTPk
— CoinStats (@CoinStats) July 12, 2024
The attackers are believed to be affiliated with a highly sophisticated nation-state group. They gained access to private keys and facilitated unauthorized transfers from compromised wallets.
According to CoinStats CEO Narek Gevorgyan, the breach targeted 1,590 CoinStats wallets by exploiting vulnerabilities in multiple services.
Following the incident, CoinStats secured the remaining assets and shut down its platform to conduct an immediate investigation. The Federal Bureau of Investigation and other security experts, including ZachXBT and Tay from MetaMask, assisted in the recovery of the stolen funds.
“We have engaged in ongoing collaboration with security researchers and law enforcement to understand the full scope of the breach,” Gevorgyan explained. While the theft may have affected cryptocurrency funds, there was no evidence of compromised user data beyond financial loss, Gevorgyan added.
The report noted that CoinStats resumed full operations on July 3 following the implementation of improved security protocols and comprehensive infrastructure audits.
The company said it will continue to monitor for further signs of malicious activity. It also made recommendations for additional security measures, including:
Mandatory password updates: The company said it will implement a stricter password policy that will require all users who don’t meet the new standards to update their passwords. Enabling 2FA: It also said it will encourage all users to enable two-factor authentication on their accounts.
CoinStats also committed to maintaining transparency throughout the investigation and promised to provide regular updates on its progress and security improvements. The firm also said it was actively exploring ways to support users.
What’s next: Users will be able to report their losses and seek potential assistance; the deadline to apply is August 15.
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
Toncoin 
TRON 
Cardano 
Avalanche 
Wrapped stETH 
Wrapped Bitcoin 
Shiba Inu 
WETH 
Chainlink 
Bitcoin Cash 
Polkadot 
Dai 
LEO Token 
Uniswap 
NEAR Protocol 
Litecoin 
Kaspa 
Wrapped eETH 
Internet Computer 
Artificial Superintelligence Alliance 
Sui 
Pepe 
Aptos 
Monero 
First Digital USD 
Stellar 
POL (ex-MATIC) 
Ethereum Classic 
Ethena USDe 
Bittensor 
Stacks 
OKB 
Immutable 
Cronos 
Filecoin 
Aave 
Render 
Injective 
Arbitrum 
Hedera 
Mantle