Page 1 of 1

Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Posted: Sat Jul 11, 2026 1:32 am
by Starburst-David
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out and take everything it controls.

The firm has confirmed one coordinated sweep on May 27 that drained about $3.1 million from 431 wallets, and it told The Hacker News that a further $2.1 million in USDT was stolen from an exposed wallet afterward, pushing confirmed losses past $5 million.

More Information:
https://thehackernews.com/2026/07/attac ... bloom.html

Published Date: Jul 10, 2026

Vulnerabilities has been mentioned in this article:
CVE-2026-55200 CVE-2026-46817 CVE-2023-39910 CVE-2023-31290