Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

Ransomware Hacker Pleads Guilty After $15M Bitcoin Extortion Scheme

July 11, 2026

Hackers tried to backdoor Injective npm package to steal wallet keys

July 11, 2026

Japan's 'invest locally' plan likely to spur demand for assets like bitcoin, gold

July 11, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect
Security

Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect

July 6, 2026No Comments3 Mins Read

Thousands of crypto wallets are at risk of being drained due to the use of weaker-than-intended recovery phrases, an exploit that Blockchain security research firm Coinspect has dubbed “Ill Bloom.”

The wallets at risk span Bitcoin, Ethereum, Polygon, Rootstock, Tron and Solana, Coinspect said in a disclosure on Sunday, with the issue related to weak randomness — an insecure pseudorandom number generator — used during recovery phrase generation on certain software wallets.

“If funds recently moved without your permission, this vulnerability may be why,” Coinspect said.

The vulnerability has impacted wallets generated as early as 2018 and more often occurs in lesser-known mobile software wallets. At least $5 million has been drained from exposed wallets since May 27, though there could have been exploits on additional networks and addresses, meaning the number of wallets at risk may be much higher.

A snapshot of one analyzed address set as of June 30. Source: Coinspect

Coinspect said it was not publishing details of the active exploit at this stage, but has released a wallet-checking tool for users to see whether their address is potentially exposed.

“We’re closely monitoring the Ill Bloom wallet weak randomness risk alert from Coinspect,” SlowMist posted to X on Monday.

Data shows that an attack on May 27 affected 431 wallets out of 2,114 vulnerable wallets, draining a total of $3.1 million in cryptocurrency. Another $2 million was moved on Sunday from exposed wallets.

The historical sum of stolen amounts per chain in the May 27 attack. Source: Coinspect

“Current evidence tells us that users that generated their seed with a hardware wallet are not affected,” said Coinspect.

See also  Haedal Protocol Pauses Vault Pools After Detecting Abnormal Liquidity Decline

“Further research indicates that most current software wallets are also not vulnerable,” it added. “The strongest candidates are users who generated their seed in less widely used mobile software wallets.”

Weak wallet seeds cause headaches

This type of vulnerability has emerged several times in the past. In 2023, Ledger’s security team discovered that wallet seeds generated by the Trust Wallet browser extension were vulnerable to brute-force attacks.

The flaw resided in the wallet’s entropy generation for new addresses, which limited the total possible mnemonic combinations to roughly four billion and could allow a motivated attacker to run an attack in less than a day with just a few GPUs. Trust Wallet patched the bug before any funds were stolen.

In the same year, a vulnerability in the Libbitcoin Explorer crypto wallet led to $900,000 in crypto being stolen through private key brute forcing.

Source link

Bloom Coinspect Crypto Ill Risk Thousands vulnerability wallets

Related Posts

Hackers tried to backdoor Injective npm package to steal wallet keys

July 11, 2026

Ledger researchers discover security vulnerability in Swiss-based hardware wallet cards!

July 11, 2026

Ethereum Foundation says AI agents can find real bugs but triage is the real work

July 11, 2026

Circle soars after securing U.S. trust bank approval in crypto expansion

July 11, 2026
Top Posts

Lazarus used ‘Kandykorn’ malware in attempt to compromise exchange — Elastic

November 2, 2023

OpenAI launches benchmarking system for securing crypto tokens and smart contracts

February 19, 2026

Dinari, tZERO join forces on turnkey platform for tokenized U.S. equities

July 9, 2026

Type above and press Enter to search. Press Esc to cancel.