CoinStats, a prominent crypto portfolio manager, has reportedly transferred close to $1 million worth of Ethereum to Tornado Cash, a cryptocurrency mixing service. The transfer was conducted through two wallets associated with a previous attack on CoinStats, as reported by blockchain security firm CertiK. In June, these wallets moved about 311 Ethereum, valued at approximately $959,000, into Tornado Cash.
Implications of the CoinStats Attack
Crypto mixers like Tornado Cash are designed to anonymize transactions by blending identifiable funds with others. This method is commonly exploited by hackers to launder stolen assets. On June 22, CoinStats suspended user activities following a security breach that impacted 1,590 crypto wallets. The company temporarily disabled its application to contain the incident.
CoinStats announced that the attack was contained and highlighted that no linked wallets or centralized exchanges were compromised. Affected users were advised to transfer their funds using exported private keys. By the end of June, CoinStats had optimized its transaction databases and migrated to a new platform to boost performance and reliability.
What Led to the Breach?
On June 26, CoinStats CEO Narek Gevorgyan revealed that the attack involved their AWS infrastructure being compromised due to malware downloaded onto an employee’s computer through social engineering. Gevorgyan expressed empathy for users who lost funds, emphasizing that the company would support them and had begun exploring remedial options.
Concrete Measures Taken
CoinStats has implemented various measures to ensure the security and trustworthiness of their platform:
- Enhanced system upgrades and comprehensive security audits.
- Optimization of transaction databases for better efficiency.
- Migration to a more reliable platform.
- Ongoing investigation and transparent communication regarding the incident.
- Provision of user support and resource options for affected customers.
By July 3, CoinStats confirmed that their platform had fully resumed operations. They also reiterated their commitment to user security, promising to provide further updates and support measures. As the investigation continues, the firm aims to ensure that such breaches do not recur.