CoinStats, a cryptocurrency portfolio management platform, has reported a security breach affecting many user wallets. On June 22, CoinStats revealed that wallets created directly within their app were compromised. However, wallets connected externally and centralized exchanges (CEXs) were not affected.

CoinStats has halted user activity and taken the app offline to investigate the breach. The company assured users that the attack is contained and that they will provide updates as they learn more. Hackers sent fraudulent notifications to iOS and Android users, falsely promising rewards. These alerts prompted users to access the CoinStats AirScout wallet.

Users clicking the link were directed to a drainer website. This link was promoted through a push notification and an official in-app alert on the home screen. The cause of the attack remains undisclosed. However, concerns have arisen about the security of private keys stored on CoinStats’ servers and the randomness of wallets generated within the app.

CoinStats has uploaded a Google document listing all affected crypto wallets. Wallet owners are advised to transfer their funds promptly using exported private keys. The company is investigating the extent of the funds moved and will update users as soon as possible. CoinStats expressed gratitude for users’ patience during this period.

The breach has unsettled the cryptocurrency community. Industry experts urge victims to be cautious of fraudulent rescue efforts. CoinStats stressed that users with exported private keys should move their funds immediately.