CoinStats Hackers Launder Nearly $1M Through Tornado Cash

CoinStats Hackers, CoinStats Hackers Launder Nearly $1M Through Tornado Cash
CoinStats Hackers Launder Nearly $1 Million

YEREVAN ( — Wallets linked to the CoinStats hackers have transferred nearly $1 million in Ether to Tornado Cash. Blockchain security firm CertiK reported that two wallets involved in the June exploit moved a total of 311 ETH, valued at about $959,000, into the cryptocurrency mixer. One wallet transferred 211 ETH, while the other sent 100 ETH.

Wallet linked to CoinStats exploit transfers 211 ETH to Tornado Cash. Source: Etherscan
Wallet linked to CoinStats exploit transfers 211 ETH to Tornado Cash. Source: Etherscan/CertiK

Tornado Cash keeps transactions private by mixing funds with many others. This process anonymizes fund transfers, which hackers often exploit to launder stolen assets.

CoinStats Security Breach Affects 1,590 Wallets

On June 22, CoinStats, a crypto portfolio manager, faced a significant security breach affecting 1,590 wallets. The company suspended user activity to contain the incident. CoinStats assured users that the application was shut down to “isolate the security incident.”

The firm confirmed that the attack had been mitigated and none of the connected wallets or centralized exchanges (CEXes) were impacted. Users were urged to move their funds using their exported private keys.

By June 30, CoinStats was optimizing its transaction database and transferring operations to a new platform to enhance efficiency and reliability. Additionally, the company announced system upgrades and audits to improve security.

CoinStats Update on Security Measures
Source: CoinStats
CoinStats Update on Security Measures. Source: CoinStats

CEO Reveals Details of CoinStats Security Breach and Offers Support

CoinStats CEO Narek Gevorgyan provided more details about the breach on June 26. He explained that their AWS infrastructure was compromised due to a socially engineered attack on an employee. The CoinStats hackers tricked the employee into downloading malicious software onto a work computer.

Gevorgyan stated,

“Our AWS infrastructure was hacked, with strong evidence suggesting it was done through one of our employees who was socially engineered into downloading malicious software onto his work computer.”

CEO Addresses CoinStats Security Breach
Source: Narek Gevorgyan
CEO Addresses CoinStats Security Breach. Source: Narek Gevorgyan

He also expressed empathy for those who lost funds and committed to supporting the victims.

CoinStats Restores Operations, Continues Security Enhancements After Hack

Following the breach, CoinStats has been securing its infrastructure. On July 3, the company announced that all platform functionalities had been restored and were fully operational.

Additionally, in a July 5 update, CoinStats reiterated that the investigation is ongoing and emphasized their commitment to securing the new infrastructure. Moreover, the firm promised to provide additional information soon, including measures to support the victims.

Ongoing Investigation and Security Measures
Source: CoinStats
Ongoing Investigation and Security Measures. Source: CoinStats

Community members reported significant losses due to the hack, with one wallet allegedly losing almost $9 million in Maker (MKR). CoinStats continues to address the fallout from the breach, focusing on enhancing security and supporting affected users.

Leave a Comment

Related Articles

Our Partners