CoinStats releases incident report following $2.2m security breach

Leading cryptocurrency portfolio tracking app CoinStats has revealed details of a major security breach that resulted in the theft of approximately $2.2 million worth of digital assets.

The incident was detected on June 22, 2024, Crypto.news reported. Now, a security incident report published by CoinStats on Friday, July 12, has provided deeper insights into the breach.

We have new and important information regarding the recent security incident.

Our latest blog post provides detailed information on the progress of our investigation, steps taken and next steps: https://t.co/YnikJ3qTPk

— CoinStats (@CoinStats) July 12, 2024

The attackers are believed to be affiliated with a highly sophisticated nation-state group. They gained access to private keys and facilitated unauthorized transfers from compromised wallets.

According to CoinStats CEO Narek Gevorgyan, the breach targeted 1,590 CoinStats wallets by exploiting vulnerabilities in multiple services.

Following the incident, CoinStats secured the remaining assets and shut down its platform to conduct an immediate investigation. The Federal Bureau of Investigation and other security experts, including ZachXBT and Tay from MetaMask, assisted in the recovery of the stolen funds.

“We have engaged in ongoing collaboration with security researchers and law enforcement to understand the full scope of the breach,” Gevorgyan explained. While the theft may have affected cryptocurrency funds, there was no evidence of compromised user data beyond financial loss, Gevorgyan added.

The report noted that CoinStats resumed full operations on July 3 following the implementation of improved security protocols and comprehensive infrastructure audits.

The company said it will continue to monitor for further signs of malicious activity. It also made recommendations for additional security measures, including:

Mandatory password updates: The company said it will implement a stricter password policy that will require all users who don’t meet the new standards to update their passwords. Enabling 2FA: It also said it will encourage all users to enable two-factor authentication on their accounts.

CoinStats also committed to maintaining transparency throughout the investigation and promised to provide regular updates on its progress and security improvements. The firm also said it was actively exploring ways to support users.

What’s next: Users will be able to report their losses and seek potential assistance; the deadline to apply is August 15.

Leave a Reply

Your email address will not be published. Required fields are marked *