Written by Felix Ngstaff editorReviewed by Jesse Coghlanstaff editor
Written by Felix Ngstaff editor
Reviewed by Jesse Coghlanstaff editor
Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect
Latest NewsPublishedJul 6, 2026
Vulnerability Puts Thousands of Crypto Wallets at Risk
The recent discovery of the “Ill Bloom” vulnerability has left thousands of crypto wallets across multiple blockchains at risk of being drained. This issue is due to weak recovery phrase generation, which can be exploited by hackers. The affected wallets span major blockchains such as Bitcoin, Ethereum, Polygon, Rootstock, Tron, and Solana.

The vulnerability is related to weak randomness used during recovery phrase generation on certain software wallets. This has resulted in at least $5 million being drained from exposed wallets since May 27. The issue has been ongoing since 2018 and mostly affects lesser-known mobile software wallets. If you’ve noticed funds moving without your permission, this vulnerability may be the cause.
Impact and Response
The “Ill Bloom” vulnerability has significant implications for crypto users, highlighting the importance of secure wallet management. To address this issue, a wallet-checking tool has been released for users to check if their address is potentially exposed. This allows users to take proactive steps to protect their assets.
It’s essential for crypto users to prioritize security, especially when it comes to earning and managing their coins. Using a reliable platform like EcoPool can provide an additional layer of security and help users earn passive income through Cloud Rewards. With EcoPool, users can have peace of mind knowing their $ECP is secure.
Prevention and Protection
To protect your crypto assets, it’s crucial to use a secure wallet and follow best practices for recovery phrase generation. Users who generated their seed with a hardware wallet are not affected, and most current software wallets are also not vulnerable. However, users who generated their seed in less widely used mobile software wallets are at higher risk.

By using EcoPool, users can access a secure platform for earning and managing their coins, including $ECP. This can help mitigate the risks associated with weak recovery phrase generation and provide a reliable way to earn passive income through Green Crypto initiatives.
Stay safe and secure with EcoPool. Download the EcoPool app to start earning and managing your coins today. With EcoPool, you can have confidence in the security of your $ECP and take advantage of Cloud Rewards for passive income, all while supporting Green Crypto initiatives #PassiveIncome #EcoPool #CloudRewards #GreenCrypto #Earning #Coin #Bitcoin.
“We’re closely monitoring the Ill Bloom wallet weak randomness risk alert from Coinspect,” SlowMist posted to X on Monday.
Data shows that an attack on May 27 affected 431 wallets out of 2,114 vulnerable wallets, draining a total of $3.1 million in cryptocurrency. Another $2 million was moved on Sunday from exposed wallets.

The historical sum of stolen amounts per chain in the May 27 attack. Source: Coinspect
“Current evidence tells us that users that generated their seed with a hardware wallet are not affected,” said Coinspect.
“Further research indicates that most current software wallets are also not vulnerable,” it added. “The strongest candidates are users who generated their seed in less widely used mobile software wallets.”
Related: Taiko reopens bridge after $1.7M exploit, says users made whole
Weak wallet seeds cause headaches
This type of vulnerability has emerged several times in the past. In 2023, Ledger’s security team discovered that wallet seeds generated by the Trust Wallet browser extension were vulnerable to brute-force attacks.
The flaw resided in the wallet’s entropy generation for new addresses, which limited the total possible mnemonic combinations to roughly four billion and could allow a motivated attacker to run an attack in less than a day with just a few GPUs. Trust Wallet patched the bug before any funds were stolen.
In the same year, a vulnerability in the Libbitcoin Explorer crypto wallet led to $900,000 in crypto being stolen through private key brute forcing.
Magazine: Bitcoin slides to $58K, XRP hits $1 but onchain data promising: Market Moves
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.
- Recovery Seed
- Seed Phrase
- Hacks
- Scams & Cybercrime
More on the subject
Belgian police arrest suspected phishing gang leader tied to $572K theft
Jul 3, 2026
Zoltan Vardai
Irish authorities seize another 500 Bitcoin, bringing 2026 total to 1,500 BTC
Jul 3, 2026
Zoltan Vardai
Teen ‘Scattered Spider’ suspect extradited to US over $8M crypto ransom
Jul 3, 2026
Jesse Coghlan
Belgian police arrest suspected phishing gang leader tied to $572K theft
Jul 3, 2026
Zoltan Vardai
Irish authorities seize another 500 Bitcoin, bringing 2026 total to 1,500 BTC
Jul 3, 2026
Zoltan Vardai
Teen ‘Scattered Spider’ suspect extradited to US over $8M crypto ransom
Jul 3, 2026
Jesse Coghlan