CoinStats faced a significant setback recently when it was discovered that approximately $2 million in cryptocurrency had been stolen from the platform. The incident, which occurred on June 22, involved hackers exploiting vulnerabilities in CoinStats’ AWS infrastructure. CEO Narek Gevorgyan provided insights into the breach, explaining that it was likely facilitated by an employee who unwittingly downloaded malicious software following a sophisticated social engineering attack.
Gevorgyan expressed deep sympathy for those affected by the theft, emphasizing CoinStats’ commitment to supporting victims during this challenging time. He assured stakeholders that the company was collaborating closely with law enforcement to conduct a thorough investigation and would provide a comprehensive post-mortem once all details were finalized.
In response to the breach, CoinStats immediately halted operations to prevent further losses and initiated enhanced security measures. By June 24, operations had resumed after preliminary investigations and additional safeguards were implemented.
The hackers targeted approximately 1,600 crypto wallets associated with CoinStats users, exploiting the trust of iOS and Android users through fraudulent notifications promising rewards. These messages redirected users to the CoinStats AirScout Wallet, where they fell victim to unauthorized transactions.
The impact of the breach extended beyond CoinStats, resonating across the cryptocurrency community. For example, DeFi developer Blurr.eth reportedly suffered a substantial loss of 3,657 Maker (MKR) tokens, valued at about $8.7 million. Etherscan data revealed that the stolen MKR tokens were swiftly converted into 2,482 ETH, triggering a temporary 7% drop in MKR’s price.
This incident adds to a series of security breaches plaguing the cryptocurrency sector. Just weeks earlier, CoinGecko experienced a data breach affecting over 23,000 users due to vulnerabilities in a third-party email platform. Similarly, Gala Games lost $23 million in May 2024 when hackers exploited administrative access to mint and sell billions of GALA tokens on Uniswap.
As CoinStats continues to recover from this incident, stakeholders are urged to remain vigilant against potential threats in the evolving landscape of digital finance.