CoinStats Cyber-Attack: $2M Stolen in Suspected North Korean Heist

In a recent cyber-attack, a popular cryptocurrency portfolio management firm, CoinStats, reported that 1,590 of its customers' crypto wallets were compromised, resulting in a loss of approximately $2 million. This incident, believed to be orchestrated by North Korean hackers, has impacted 1.3% of all CoinStats wallets.

Incident Overview

CoinStats, known for providing comprehensive visibility into over 300 wallets and exchanges, as well as 1000+ DeFi protocols and over 20,000 cryptocurrencies, revealed the breach on X (formerly Twitter). The firm hosts around 120,000 wallets, and it was these wallets that were targeted in the attack, not any third-party wallets linked to customer accounts.

The company swiftly responded to the incident, urging customers who had exported their private keys to move their funds immediately. Just two hours after the initial announcement, CoinStats claimed to have mitigated the breach and temporarily shut down the application to prevent further damage.

Details of the Attack

Thanks to the rapid incident response from the CoinStats team, the attack was contained to a relatively small percentage of wallets. The firm's CEO, Narek Gevorgyan, shared significant evidence suggesting that the attack was part of a series of hacks linked to North Korean cybercriminals, as described in an FBI report.

Gevorgyan disclosed that the total amount stolen from the affected wallets was around $2 million, with approximately $800,000 being drained from two wallets that had imported their seed phrases into CoinStats Wallet. He promised a detailed and transparent report on the hack would be released in due course.

Impact and Response

North Korea is notorious for its involvement in cryptocurrency thefts, which it uses to fund its nuclear and ballistic missile programs. An unnamed US diplomat previously claimed that North Korea generates about half of its foreign-currency income from cyber-attacks on cryptocurrency and related targets. The UN has estimated that the regime has amassed billions of dollars through such activities in recent years.

To safeguard against such threats, users are advised to:

Conclusion

The CoinStats cyber-attack highlights the ongoing threat posed by sophisticated cybercriminals, particularly those linked to North Korea. By staying vigilant and employing comprehensive security measures, individuals and organizations can better protect their digital assets against such attacks. As the investigation continues, CoinStats' commitment to transparency and user protection remains paramount.

About Foresiet!

Foresiet is the pioneering force in digital security solutions, offering the first integrated Digital Risk Protection SaaS platform. With 24x7x365 dark web monitoring and proactive threat intelligence, Foresiet safeguards against data breaches and intellectual property theft. Our robust suite includes brand protection, takedown services, and supply chain assessment, enhancing your organization's defense mechanisms. Attack surface management is a key component of our approach, ensuring comprehensive protection across all vulnerable points. Compliance is assured through adherence to ISO27001, NIST, GDPR, PCI, SOX, HIPAA, SAMA, CITC, and Third Party regulations. Additionally, our advanced antiphishing shield provides unparalleled protection against malicious emails. Trust Foresiet to empower your organization to navigate the digital landscape securely and confidently.