HQ/EMEAFind out how we can help your business
CoinStats confirmed that it suffered a massive security breach that exposed 1,590 Bitcoin wallets. Based on reports, the affected entity blamed the North Korean threat actors for orchestrating the attack.
CoinStats announced earlier this week on the social media platform previously known as Twitter that it had suffered a hack that affected 1,590 1.3% of all the platform’s hosted wallets.
Moreover, the company provided a list of affected wallets on a publicly available spreadsheet. However, several customers not on the list reported that the incident also stole their funds. As a result, the true scope of the cryptocurrency campaign may be more than what CoinStats has determined.
The company also advised those who find their wallet address on the list and still have funds to move them immediately to an external wallet to avoid losing it from the attack. While the hack is ongoing, the CoinStats website and app are temporarily unavailable while the firm assesses and mitigates the attack.
On the other hand, the hack did not affect users’ connected wallets and centralised exchanges, so they can safely use them.
CoinStats revealed that there is evidence that points out North Korean threat actors.
The CoinStats representative on X said they have considerable proof that the North Korean advanced persistent threat group executed the crypto attack.
The investigations revealed that the primary suspect of this campaign is the notorious Lazarus group. This group is known for pulling out major crypto heists throughout the years, mainly targeting cryptocurrency sites.
Separate research last year claimed that North Korean state-backed hackers had stolen $3 billion in cryptocurrency since 2017. Hence, these campaigns have allowed North Korean threat groups to earn $500,000,000 from crypto heists annually.
Furthermore, CoinStats has been an attractive target for malicious entities after the recent incident became public. Scammers are already seeking to exploit the CoinStats flaw by advertising fraudulent refund programs in reaction to the official statement on X.
The scammers try to deceive customers into visiting a spoofed website that asks them to connect their wallets to receive a refund. This technique allows the scammers to drain the assets of fooled customers.
Users should be wary of these fraudulent activities since CoinStats has yet to launch a refund program. They should consider such claims on social media platforms as scams and avoid accessing links to such posts.
