CoinStats, a top cryptocurrency portfolio tracking app, has released details about a significant security breach. This breach led to the theft of around $2.2 million in digital assets. The incident, first detected on June 22, 2024, has raised serious concerns in the crypto community.
The incident report, published by CoinStats on Friday, July 12, provided deeper insights into the breach. The attackers are believed to be part of a sophisticated nation-state group. They managed to access private keys, which allowed unauthorised transfers from compromised wallets. According to CoinStats CEO Narek Gevorgyan, the breach targeted 1,590 CoinStats wallets by exploiting vulnerabilities across multiple services.
Following the breach, CoinStats took immediate action to secure the remaining assets. The platform was shut down to conduct a thorough investigation. The Federal Bureau of Investigation, along with security experts like ZachXBT and Tay from MetaMask, assisted in recovering the stolen funds. CEO Gevorgyan explained that the company has engaged in ongoing collaboration with security researchers and law enforcement to understand the full scope of the breach. While the theft affected cryptocurrency funds, there was no evidence of compromised user data beyond the financial loss.
CoinStats resumed full operations on July 3 after implementing improved security protocols and comprehensive infrastructure audits. The company said it would continue to monitor for any signs of further malicious activity. It also provided recommendations for additional security measures, including a mandatory password update. The company will enforce a stricter password policy requiring all users to update their passwords if they do not comply with the new standards. Additionally, it will encourage all users to enable two-factor authentication on their accounts.
CoinStats has committed to maintaining transparency throughout the investigation. The firm has pledged to provide regular updates on its progress and security enhancements. Moreover, CoinStats is actively exploring ways to support users affected by the breach. This ongoing effort aims to rebuild trust and ensure the highest security standards for its platform.