CoinStats employee compromised in hack of 1,590 crypto wallets

Cryptocurrency portfolio manager CoinStats temporarily suspended its services on June 22 after discovering an active attack on its crypto wallet.

The attack, which hacked 1,590 crypto wallets, was carried out by compromising a CoinStats employee.

Fast and proactive response from CoinStats

A quick and proactive response from CoinStats limited the hacker’s access to just 1.3% of all CoinStats wallets, resulting in a $2 million loss. On June 26, CoinStats CEO Narek Gevorgyan revealed the findings of an internal investigation.

“Our AWS infrastructure has been hacked, with strong indications that this was done via one of our employees who socially engineered to download malicious software to his work computer,” Gevorgyan stated. Social engineering, a commonly used tactic by hackers, was used to manipulate the victim and thus gain control over a computer system.

Although Gevorgyan did not explicitly promise refunds for all victims, he indicated that the company will provide a detailed action plan after a thorough post-mortem analysis of the situation. “I sympathize with those who have lost money; I’m sure their situation is just as difficult. CoinStats will certainly support the victims of the hack, and we have discussed options internally,” he added.

Increasing Security Issues

Some community members have reported greater losses due to the breach. For example, a Blurr.eth wallet would have lost 3,657 Maker tokens worth approximately $8.7 million. However, the company has not yet acknowledged these claims.

Security breaches have become an increasing concern among crypto service providers. On June 5, cryptocurrency data aggregator CoinGecko suffered a data breach via its third-party email management platform GetResponse. Similar to the CoinStats hack, the security breach at CoinGecko occurred as a result of a compromised employee account.

“An attacker compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team that a data breach occurred on June 6, 2024 at 11:58 UTC,” CoinGecko said in a June 7 announcement.

The compromised data included users’ names, email addresses, IP addresses, the location of opened emails, and other metadata such as login dates and subscription plans.

Need for robust security measures emphasized

The recent incidents at CoinStats and CoinGecko highlight the need for robust security measures and the ongoing threat of social engineering attacks within the crypto space. CoinStats continues to work on a solution for affected users and promises to take further steps to ensure the security of their services.