By Interestana AI Editorial — AI-drafted, human-overseen. How we report
Attackers Exploit 'Ill Bloom' Flaw, Stealing $3.1 Million

Attackers have begun exploiting a cryptocurrency wallet vulnerability identified as 'Ill Bloom,' successfully draining approximately $3.1 million from compromised wallets. Security firm Coinspect disclosed the flaw on May 15, 2024, detailing how it targets the recovery phrase generation process in certain wallet software. The vulnerability arises when weak randomness is used in the creation of these recovery phrases, allowing malicious actors to deduce the phrase and gain full control over the associated funds.
Coinspect confirmed a coordinated theft operation that occurred on May 15, 2024, where attackers systematically targeted and emptied multiple wallets affected by the Ill Bloom flaw. The firm's analysis indicates that the exploit is particularly effective against wallets that rely on predictable or easily guessable patterns in their seed phrase generation. This discovery highlights a critical security weakness in how some cryptocurrency wallets manage user recovery information, a fundamental aspect of digital asset security.
The Ill Bloom vulnerability impacts a specific subset of cryptocurrency wallets, though Coinspect has not yet publicly named the affected software providers. The firm is advising users of potentially vulnerable wallets to immediately transfer their assets to a more secure storage solution and to review their wallet's security practices. The ongoing exploitation underscores the persistent threat landscape in the cryptocurrency space, where even seemingly minor flaws can lead to significant financial losses for users.
Original source — read the full reporting at the publisher:
Read on The Hacker NewsGet the weekly AI digest
AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.