← All stories
● Covered by 1 source Β· 1 reportHigh impact

Vulnerability 'Ill Bloom' Leads to $3.1 Million Loss in Cryptocurrency Wallets

Aggregated by BrevFeed security Β· updated 1h ago
πŸ”– Save

The 'Ill Bloom' vulnerability discovered by Coinspect allows attackers to exploit weakly generated recovery phrases in cryptocurrency wallets. This flaw has already resulted in the theft of approximately $3.1 million from 431 wallets, highlighting significant risks for users of older or lesser-known wallet software.

Key points

Overview of the Ill Bloom Vulnerability

Coinspect has disclosed a critical flaw termed 'Ill Bloom', which affects how certain cryptocurrency wallets generate recovery phrases. When these phrases are generated with weak randomness, they become susceptible to exploitation by attackers.

Details of the Attack

On May 27, a coordinated attack drained about $3.1 million from 431 vulnerable wallets, with a substantial portion lost in Bitcoin. Coinspect has observed more movements from potentially exposed wallets, totaling around $2 million, although it is unclear how much of this is due to theft versus user-initiated transfers.

Affected Wallets and Users

Most modern hardware wallets and mainstream software wallets are not affected by this vulnerability, according to Coinspect. However, older or lesser-known mobile wallets from as far back as 2018 may be at risk, posing a significant concern for their users.

Identifying Vulnerable Wallets

Coinspect has not publicly disclosed the specific wallet applications involved in the vulnerability. To check if a wallet has been compromised, users can enter their public wallet address into the free checker at illbloom.org. If a match is found, users should consider transferring their assets to a secure wallet.

Technical Aspects of the Vulnerability

The vulnerability stems from a weak random-number generator used in the affected wallets, which reduced the efficacy of the recovery phrases intended to secure user funds. This inadequacy meant that an attacker could feasibly predict wallet addresses derived from the compromised phrases. Coinspect has created a watchlist of these weak wallets but has not revealed the exact parameters of the flawed randomness.

Conclusion

The Ill Bloom vulnerability highlights significant security weaknesses in certain cryptocurrency wallets, underscoring the importance of robust random number generation in securing funds. Users of potentially vulnerable wallets should take immediate precautions by checking their wallets and moving funds if necessary.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Primary sources

CVE CVE-2023-399107.5 HIGH CVE CVE-2023-312905.9 MEDIUM CVE CVE-2026-552008.1 HIGH CVE CVE-2026-468179.8 CRITICAL

Reporting from

The 'Ill Bloom' vulnerability discovered by Coinspect allows attackers to exploit weakly generated recovery phrases in cryptocurrency wallets. This flaw has already resulted in the theft of approximately $3.1 million from 431 wallets, highlighting significant risks for users of older or lesser-known wallet software.