In a recent turn of events, Narek Gevorgyan, the CEO of CoinStats, shed light on the cyber heist that resulted in the theft of $2 million in digital assets from the cryptocurrency portfolio management platform. On June 26, Gevorgyan disclosed that the breach was traced back to a compromised AWS system, which stands for Amazon Web Services, a comprehensive cloud platform offering a variety of services including application hosting and data management.
The CEO’s investigation pointed to an inside job, where an employee fell victim to social engineering, inadvertently installing harmful software on a company workstation. Social engineering is a deceptive method employed by cybercriminals to manipulate individuals into divulging confidential information or gaining unauthorized access, often through misleading tactics.
Expressing his solidarity with the affected users, Gevorgyan stated, “My heart goes out to those impacted financially; their plight is undoubtedly challenging. CoinStats is committed to aiding those affected by the breach, and we are currently deliberating on the best course of action. We await certain details from law enforcement to finalize before releasing a comprehensive analysis of the incident.”
The breach occurred on June 22, when fraudulent alerts were sent to CoinStats’ mobile app users, falsely promising rewards and urging them to use the CoinStats AirScout Wallet, a feature designed for swift transactions within the app. Approximately 1,600 wallets were compromised, leading to a loss of $2 million.
CoinStats immediately suspended all activities to halt further damages and initiated an internal probe. By June 24, the company resumed operations, having bolstered its security protocols and completed initial investigations.
The incident has sparked frustration among some users, with significant losses reported. For example, Blurr.eth, a DeFi developer, reportedly lost 3,657 Maker (MKR) tokens, estimated to be worth around $8.7 million. The perpetrator converted these tokens to 2,482 ETH on the blockchain, causing a notable dip in the MKR value, which plummeted from $2,462 to $2,280, marking a 7% decrease.
This breach is not an isolated case in the crypto industry. On June 5, a data breach at CoinGecko affected more than 23,000 users due to a compromise at GetResponse, their third-party email service provider, leading to phishing risks. Additionally, on May 20, 2024, Gala Games reported a loss of $23 million following a breach where a hacker minted and sold 5 billion new GALA tokens on the Uniswap exchange.
Stay updated with us on Google News.