CoinStats Employee Suspected of Orchestrating $2M Crypto Theft
Latest News News

CoinStats Employee Suspected of Orchestrating $2M Crypto Theft

  • The CEO further stated that strong evidence suggested that the $2M crypto theft was orchestrated by a Coinstats employee.

CoinStats CEO Narek Gevorgyan revealed new details on June 26 regarding the recent CoinStats hack that saw bad actors steal $2 million worth of tokens from the crypto portfolio tracker.

Gevorgyan explained in a detailed post on X that investigations into the CoinStats hack revealed its AWS infrastructure was breached.

Deep Dive into CoinStats Hack and Recent Discovery

AWS, also known as Amazon Web Services (AWS), is a suite of cloud services and resources for hosting applications, managing data, and computing tasks.

The CEO further stated that strong evidence suggested that the attack was orchestrated through one of their employees, who was “socially engineered” into downloading malicious software into the company computer.

Social engineering is a manipulation technique that hackers use to exploit human error through persuasive tricks to gain private information or access, such as login credentials.

Gevorgyan further expressed his deep sympathy for the victims who lost funds in the CoinStats hack, acknowledging the severity of their situation.

“I empathize with those who lost money; I’m sure their situation is just as difficult,” he stated. 

“CoinStats will definitely support the victims of the hack, and we’ve been discussing options internally. We’re waiting for a few details from law enforcement to be finalized before we can share a more detailed post-mortem of the hack.”

The CoinStats hack took place on June 22. The scammers fraudulently sent scam notifications to the company’s iOS and Android users. 

These messages falsely promised rewards and directed users to access the CoinStats AirScout Wallet, a feature within the CoinStats app that facilitates rapid transactions.

The security breach affected about 1,600 crypto wallets, losing $2 million.

In an immediate response to the hack, CoinStats paused all operations to prevent further losses and to begin an internal investigation.

On June 24, the firm announced that its operations were back online after implementing additional security measures and conducting preliminary investigations.

CoinStats Hack Drained Huge Amount of Assets

The security breach has elicited frustrations and concerns from some of the users whose crypto wallets were affected, as some even claimed a huge loss.

For instance, a wallet owned by DeFi developer Blurr.eth allegedly lost 3,657 Maker (MKR) tokens valued at approximately $8.7 million.

According to the Etherscan data, the CoinStats hacker converted these tokens on the blockchain for 2,482 ETH. The massive sell-off reportedly led to a slump in MKR price, dropping from $2,462 to $2,280, resulting in a short-term drop of 7%.

This is not the first time that crypto providers will suffer security breaches.

On June 5, CoinGecko data breach affected over 23,000 users. This was a result of the data breach that its third-party email platform GetResponse suffered, which exposed Coingecko’s users to phishing emails.

In another development, Gala Games lost $23 million to a security breach on May 20, 2024. The hacker accessed a Gala Games admin address and minted 5 billion new GALA tokens sold on the Uniswap exchange.

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.