The issue stems from inadequate randomness during the wallet creation process, which makes private keys significantly easier to predict. Coinspect reports that the flaw is not isolated to a single application, as vulnerable wallets have continued to be generated in recent weeks. While hardware wallet users appear secure, those who relied on lesser-known mobile software applications remain at the highest risk.
Financial losses have already mounted, with one specific attack on May 27 draining $3.1 million from 431 compromised accounts. An additional $2 million was siphoned from exposed wallets this past Sunday, bringing the known total to $5 million. Security firm SlowMist has corroborated the findings and is actively monitoring the situation. To mitigate further losses, Coinspect has released a verification tool allowing users to test if their addresses are susceptible to the exploit. Affected individuals are advised to transfer their funds immediately to a new, securely generated wallet rather than reusing potentially compromised seed phrases.
Comments (0)
No comments yet. Be the first!