Crypto App CoinStats Hit With Security Breach, User Funds May Be Exposed
Popular cryptocurrency portfolio tracker CoinStats is suffering from a security breach that exposed users’ wallets and sent scam alerts to mobile devices. The company has taken the drastic step of shutting down its platform completely while they investigate the incident.
The breach, confirmed by CoinStats on their official social media channel, compromised a yet to be determined number of wallets created by users within the app. CoinStats urges all users who have created wallets on their site to immediately transfer their cryptocurrency to minimize potential losses.
While the exact number of affected users is still being investigated, CoinStats advises all of its wallet users to move their funds to a secure location as soon as possible, a spokesperson said.
We are currently dealing with a security incident affecting wallets created directly within CoinStats; this does not affect externally connected wallets.
Once you have released your private key, transfer your funds ASAP.
– CoinStats (@CoinStats) June 22, 2024
Phishing Scams Lure Users With Fake Rewards
The security breach involved a phishing scam. CoinStats users, especially those on iOS devices, received notifications congratulating them for winning a large amount of cryptocurrency, specifically 14.2 ETH (Ethereum). Clicking on the notification may lead users to a malicious website designed to steal their private keys and empty their wallets.
These scams are becoming more and more common. Hackers are exploiting the user excitement surrounding the opportunities for quick profits in the crypto space. It is important to be aware of unsolicited messages, especially those that promise rewards or require urgent action.
Transparency Worries The Cloud Is A Problem
CoinStats emphasizes that the breach only affected internal wallets created within their app. They assure users that the wallets connected externally and those stored on the central exchange (CEX) remain secure. However, some users have reported unauthorized transactions even in their foreign wallets, casting doubt on CoinStats’ claims.
The company has also been criticized for its failure. The full extent of the damage, including the number of wallets compromised and the total amount of cryptocurrency stolen, is unknown. CoinStats promised a detailed report on the incident but did not give a time frame for its release.
The CoinStats breach serves as a stark reminder of the evolving cybersecurity threats within the cryptocurrency space. As the industry continues to grow, so do the efforts of malicious actors to target users’ funds.
Featured image from Mashable, chart from TradingView
