CoinStats Employee Allegedly Involved in $2 Million Crypto Theft

CoinStats Employee Allegedly Involved in $2 Million Crypto Theft

On June 26, CoinStats CEO Narek Gevorgyan disclosed new insights into the recent hack of the crypto portfolio tracker, which resulted in the theft of $2 million worth of tokens. The investigation revealed that the breach occurred through the company’s AWS infrastructure.

Detailed Analysis of CoinStats Hack and Recent Findings

Amazon Web Services (AWS) provides cloud services and resources for application hosting, data management, and computing tasks. Gevorgyan’s detailed post on X indicated that evidence pointed to the involvement of a CoinStats employee who was “socially engineered” into installing malicious software on a company computer. Social engineering involves hackers manipulating individuals to gain private information or access, such as login credentials.

Gevorgyan expressed deep sympathy for the hack’s victims, acknowledging the severity of their financial losses. “I empathize with those who lost money; I’m sure their situation is just as difficult,” he stated. “CoinStats will definitely support the victims of the hack, and we’ve been discussing options internally. We’re waiting for a few details from law enforcement to be finalized before we can share a more detailed post-mortem of the hack.”

The CoinStats hack occurred on June 22, during which scammers sent fraudulent notifications to the company’s iOS and Android users. These messages falsely promised rewards and directed users to access the CoinStats AirScout Wallet, a feature within the CoinStats app designed for rapid transactions. The breach impacted approximately 1,600 crypto wallets, resulting in a $2 million loss.

In response to the hack, CoinStats paused all operations to prevent further losses and initiated an internal investigation. On June 24, the company announced that operations had resumed after implementing additional security measures and conducting preliminary investigations.

Significant Asset Losses Due to CoinStats Hack

The security breach has frustrated and concerned affected users, with some reporting substantial losses. For instance, a wallet owned by DeFi developer Blurr.eth allegedly lost 3,657 Maker (MKR) tokens valued at around $8.7 million. According to Etherscan data, the CoinStats hacker converted these tokens on the blockchain for 2,482 ETH. This massive sell-off reportedly caused the MKR price to drop from $2,462 to $2,280, resulting in a short-term decline of 7%.

This incident is part of a broader trend of security breaches affecting crypto providers. On June 5, CoinGecko experienced a data breach impacting over 23,000 users due to a third-party email platform, GetResponse, exposing CoinGecko users to phishing emails. Additionally, on May 20, 2024, Gala Games lost $23 million in a security breach where a hacker accessed a Gala Games admin address and minted 5 billion new GALA tokens, which were then sold on the Uniswap exchange.

Powered by Crypto Expert BD

Follow us on Twitter:

Join our Telegram channel:


No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *