「Ill Bloom」wallet weak mnemonic vulnerability exploited, losses exceed $5 million since May

BTC0.73%
ETH0.60%
TRX1.31%
SOL0.12%

Coinspect Security disclosed on July 6 that a wallet generation vulnerability named "Ill Bloom" is being actively exploited by attackers, rooted in an insecure pseudo-random number generator used in the recovery phrase generation process, resulting in lower-than-expected encryption strength of the mnemonic phrase, allowing attackers to control affected wallets and steal funds. The first known on-chain evidence of exploitation dates back to May 27, with total losses exceeding $5 million.

Ill Bloom Vulnerability Technical Root Cause: Weak PRNG and Insufficient Mnemonic Strength

According to the Coinspect disclosure, the technical root cause of the Ill Bloom vulnerability is that the wallet used an insecure pseudo-random number generator (PRNG) when generating recovery phrases (mnemonics), causing the encryption strength of the recovery phrase to be lower than expected, allowing attackers to predict or reconstruct the mnemonic, thereby gaining full control over affected wallets.

Coinspect stated that it has fully reproduced the attack process: identified the root cause, generated all addresses that could be produced by vulnerable recovery phrases, and used public blockchain data to check which addresses still hold funds. Evidence indicates that most mainstream software wallets are not affected by this vulnerability; the most likely affected users are those who generated mnemonics using "less common mobile software wallets."

Loss Scale and Affected Chains: $3 million on May 27, $2 million recently

According to data disclosed by Coinspect, the known loss scale of this vulnerability is:

May 27: First known on-chain attack, hundreds of accounts stolen approximately $3 million.

Recently (hours before disclosure): Approximately $2 million transferred out of exposed wallets.

Still at risk: Thousands of accounts remain exposed.

Affected chains: Bitcoin (BTC), Ethereum (ETH) and L2 networks, Tron, Solana.

Vulnerability time range: Traceable to 2018; affected wallets continued to be generated weeks before the disclosure.

SlowMist Chief Information Security Officer 23pds also commented on social media, stating that SlowMist is jointly tracking the weak random number risk disclosed by Coinspect, urging users with historical mnemonics to query related tools.

Coinspect Address Check Tool Usage and Asset Migration Recommendations

Coinspect has launched a public affected address check tool. Usage: only enter a public wallet address (do not enter mnemonics, private keys, or any secret information). The tool will compare against the public dataset of vulnerable addresses; if a match is found, the tool will display next steps.

Coinspect states that the tool only requires a public address, and the address will not be sent to any third-party server. If the address matches, the recommended safest approach is:

· Create a completely new wallet and generate new mnemonics, then migrate funds to the new wallet address.

· Coinspect emphasizes that simply updating the application or importing the same mnemonics into another application does not guarantee fund safety.

· A negative result does not mean the wallet is completely safe, as the dataset may be incomplete.

Frequently Asked Questions

Which types of wallet users are most likely to be affected by the Ill Bloom vulnerability?

According to Coinspect's disclosure, users who generate mnemonics using hardware wallets are not affected by this vulnerability; most mainstream software wallets are also unaffected. The most likely affected users are those who generated mnemonics using "less common mobile software wallets." Coinspect stated that it cannot disclose all affected wallet applications because a public address cannot reveal which wallet application originally generated that address; if an address matches, users can report the application they used to help identify the affected software.

What should I do if the Coinspect address tool shows that my wallet address matches?

According to Coinspect's recommendation, if your address matches, you should immediately follow these steps: Create a completely new wallet and set new mnemonics; confirm you see a new set of 12 to 24 words (if you are asked to enter an existing mnemonic, it is restoring an old wallet, not creating a new one); after completion, migrate all funds to the new wallet address. Coinspect emphasizes that simply updating the application or importing the same mnemonics into another application cannot guarantee fund safety.

Does the Ill Bloom vulnerability only affect specific blockchains?

According to Coinspect's disclosure, this vulnerability affects multiple chains, including Bitcoin, Ethereum and L2 networks, Tron, and Solana. The risk is not limited to the chain where suspicious activity was initially detected. All addresses on chains generated using the same mnemonic may face the same risk; Coinspect has provided a phased disclosure of technical details, with full technical information shared only with provider teams capable of protecting users.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments