Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.
CoinStats Exploiter Moves $1M ETH to Tornado Cash


  • CoinStats exploit affected 1,590 wallets, leading to nearly $1 million in ETH being moved to Tornado Cash.
  • CertiK reported two wallets linked to the CoinStats exploit moved $959,000 in ETH to a crypto mixer.
  • CoinStats initiated security enhancements and restored full functionality by July 3 following the breach.

CoinStats has revealed new developments in its investigation into a significant security breach that occurred on June 22. According to blockchain security firm CertiK, two wallets linked to the exploit have transferred 311 ETH, worth approximately $959,000, to Tornado Cash. This move has raised alarms within the crypto community.

Tornado Cash anonymizes transactions by mixing potentially identifiable funds with many others, a method hackers commonly use to launder stolen cryptocurrencies. CertiK’s report indicated that one wallet transferred 211 ETH while another sent 100 ETH to the mixer.

The community has reacted strongly to the breach, with some users reporting significant losses. One wallet allegedly lost almost $9 million in Maker (MKR), underscoring the severity of the exploit. CoinStats has communicated transparently the steps taken to mitigate the attack and improve security.

Details of the Security Breach

The June 22 breach affected 1,590 wallets on CoinStats, a popular crypto portfolio manager. CoinStats promptly suspended user activity and shut down the application to contain the incident. The company reassured users that the attack did not impact connected wallets or centralized exchanges. Users were advised to safeguard their funds using exported private keys.

On June 26, CoinStats CEO Narek Gevorgyan explained the breach, revealing that attackers compromised their AWS infrastructure through a social engineering attack. After being tricked, an employee downloaded malicious software, granting the attackers access to the system. However, Gevorgyan empathized with the affected users and emphasized the company’s commitment to supporting them.

Enhancing Security Measures

CoinStats has been working diligently to secure its platform since the breach. On June 30, the company announced that it was optimizing its transaction database and transitioning to a new platform to enhance efficiency and reliability. The compnay intended to bolster the security of their systems with these upgrades and audits.

By July 3, CoinStats had restored full functionality to its platform, allowing users to resume normal activities. The company continues investigating the incident and taking additional measures to secure its infrastructure.

In a July 5 update, CoinStats stated that the investigation is ongoing and is implementing actions to ensure the security of its new infrastructure. The firm also mentioned that it would share additional information soon, including measures to support the victims of the breach.

The crypto community has reacted strongly to the breach and the subsequent funds transfer. In addition, users have reported substantial losses, and there is a heightened awareness of the need for improved security measures across the industry. CoinStats remains committed to enhancing its security infrastructure and supporting affected users. Moreover, the company has proactively communicated its steps to address the breach and prevent future incidents.

Learn More