Coinstats Security Breach Affects 1,590 Wallets, North Korean Hackers Suspected

Coinstats Security Breach Affects 1,590 Wallets, North Korean Hackers Suspected

N
News Editor 01
2026-07-08 14:20:16
Crypto portfolio tracker Coinstats confirmed a security breach on June 22 affecting 1,590 wallets (1.3% of total). The app was shut down, and users with affected wallets are urged to transfer funds using exported private keys. CEO says evidence points to North Korean hackers.
Coinstatssecurity breachNorth Korean hackerswallet securitycrypto portfolio

Coinstats, a popular crypto portfolio tracking application, confirmed on June 22 that it suffered a security breach impacting approximately 1,590 user wallets, representing about 1.3% of all wallets created within the platform. The company immediately suspended all user activity and shut down the application to contain the incident. According to the official statement, only wallets created directly inside Coinstats were affected; connected wallets and centralized exchange accounts remained secure. The team urged users whose wallet addresses appear on the affected list to transfer their funds promptly using their exported private keys.

Details and Impact

The breach was discovered on June 22, and the Coinstats team acted within hours to disable the app and isolate the threat. While the total amount of stolen funds is still being investigated, the team assured that they are actively monitoring the movement of assets. Users who do not see their addresses on the affected list are not required to take immediate action, but the company recommends all users review their transactions once the app is back online.

Coinstats has a user base of over 150,000, and while 1.3% may seem small, the security incident has shaken confidence in crypto portfolio tools. Some users reported receiving suspicious transaction notifications before the app shutdown, but could not respond in time.

CEO Statement and Response

In an update shared on Telegram, Coinstats CEO Narek Gevorgyan revealed that the company is restoring the production environment with enhanced security measures to prevent future attacks. The process is expected to take approximately 24 hours. “We are actively working to bring the app back online as quickly as possible. Thank you for your patience,” Gevorgyan wrote. He also disclosed that collected evidence suggests the attack was perpetrated by a group with ties to North Korea.

The CEO warned users not to share their private keys with anyone claiming to represent Coinstats, as the company never asks for such information. Gevorgyan further noted that the team is evaluating compensation for affected users, though details remain under discussion.

North Korean Hackers and Broader Context

This incident adds to a growing list of crypto breaches linked to North Korean hacker groups such as Lazarus. Previous high-profile attacks include the $620 million Ronin Network exploit (2022), the Atomic Wallet hack (2023), and the recent WazirX incident. Security researchers note that North Korean hackers often employ sophisticated social engineering and code injection techniques to infiltrate platforms.

Coinstats has not yet disclosed the technical root cause of the breach, but independent analysts speculate it could involve a supply-chain attack or a vulnerability in the wallet generation module. The company promises a full technical post-mortem after the investigation concludes.

In the meantime, the best course of action for Coinstats users is to transfer funds from any wallet that appears on the affected list, enable two-factor authentication on all linked services, and monitor their wallets for unusual activity. The app is expected to resume operations within 24 hours, with enhanced security protocols in place.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice.

This article was originally published by Bit.Fan. For more cryptocurrency news and market insights, visit www.bit.fan.
300

Disclaimer:

The market information, project data, and third-party content displayed on this platform are for industry information sharing only and do not constitute any form of investment advice or return commitment.

Cryptocurrency trading carries high risks. Users should fully assess their risk tolerance and make independent decisions. All profits, losses, and legal responsibilities are borne by the users themselves.