CoinStats hack created by ‘social engineering’ employee, CEO suspects
The recent hack of 1,590 CoinStats crypto wallets was done by compromising a CoinStats employee.
On June 22, cryptocurrency portfolio manager CoinStats temporarily suspended its service after discovering an active attack on its wallets. A quick and proactive response limited the hacker's access to only 1.3% of all CoinStats wallets, resulting in a loss of $2 million.
Five days later, on June 26, CoinStats CEO Narek Gevorjian disclosed the findings of an internal investigation.
“Our AWS infrastructure was hacked, with strong evidence that it was done by one of our employees who was socially engineered to download malicious software onto his work computer.”
Social engineering is a technique widely used by hackers to manipulate, influence, or manipulate victims in order to gain control of a computer system.
Gevorgyan's message did not explicitly promise refunds to all victims, but the company plans to provide a detailed action plan after a thorough post-mortem analysis of the situation.
“I sympathize with those who lost money; I'm sure their situation is just as difficult. CoinStats certainly supports the victims of the hack, and we've been discussing options internally.”
Some members of the community said they suffered worse losses as a result of the breach. For example, a wallet owned by Blurr.eth is said to have lost 3,657 Maker (MKR) tokens worth about $8.7 million.
However, the company has yet to acknowledge the claims.
Related: 1,590 CoinStats crypto wallets ‘damaged' by security breach
Security breaches are a growing concern among crypto service providers. On June 5, crypto data aggregator CoinGecko suffered a data breach through third-party email management platform GetResponse.
Similar to the CoinStats hack, the security breach at CoinGecko was caused by a compromised employee account, according to the company's June 7 announcement:
“An attacker compromised a GetResponse employee account, leading to a breach. We received confirmation from the GetResponse team that a data breach occurred on 6 June 2024 at 11:58 AM UTC.
The hacked data includes users' names, email addresses, IP addresses, email addresses and other metadata such as subscription dates and subscription plans.
Magazine: Polkadot Indy 500 driver Connor Daly: ‘My dad has a DOT, what the hell is that?'