CoinStats Security Incident Under Investigation to Find Lost $2 Million

Key Points:

• The CoinStats team is tracking the stolen funds and cooperating with law enforcement to support users affected by last week’s hack.
• The CoinStats security incident caused a $2 million loss, affecting nearly 1,600 wallets, possibly linked to North Korean actors.
• CoinStats is uncertain about compensating users and needs more time for a full investigation and recovery.

CoinStats announced in a post on X it is tirelessly working to minimize losses and restore functionality by tracking the stolen $2 million last week.

CoinStats Security Incident: $2 Million Stolen in Phishing Attack

The CoinStats team will Security Alliance and law enforcement in multiple jurisdictions to discuss plans to support victims while preparing a detailed explanation of the CoinStats operation.

CoinStats CEO Narek Gevorgyan revealed new details about the hacker attack that drained $2 million worth of tokens from nearly 1,600 hosted wallets. The CoinStats security incident, which occurred on June 22, exploited CoinStats’ Amazon Web Services (AWS) infrastructure through a phishing scheme that initially affected iOS users. Gevorgyan suggested that the attack might be part of coordinated efforts by North Korean threat actors.

Uncertainty Surrounds Compensation for Affected Users

Despite ongoing efforts, it remains unclear if CoinStats will take responsibility and compensate the affected users. Gevorgyan indicated that CoinStats will need more time to resume operations and conduct a thorough post-mortem on the CoinStats security incident. He assured users that the breach impacted no more than 1% of all users, reiterating that around 1,590 wallets were compromised.

As Coincu reported, the hackers sent out fraudulent notifications to CoinStats’ iOS and Android users, falsely promised rewards and directed them to the CoinStats AirScout Wallet. This feature within the app facilitates rapid transactions, but the malicious notifications redirected users to a drainer website, promoted through a push notification from CoinStats and an in-app alert on the home screen.