Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect

Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect img1
Spread the love

Written by Felix Ngstaff editorReviewed by Jesse Coghlanstaff editor

Written by Felix Ngstaff editor

Reviewed by Jesse Coghlanstaff editor

Thousands of crypto wallets at risk from ‘Ill Bloom’ vulnerability: Coinspect

Latest NewsPublishedJul 6, 2026

Vulnerability Puts Thousands of Crypto Wallets at Risk

The recent discovery of the “Ill Bloom” vulnerability has left thousands of crypto wallets across multiple blockchains at risk of being drained. This issue is due to weak recovery phrase generation, which can be exploited by hackers. The affected wallets span major blockchains such as Bitcoin, Ethereum, Polygon, Rootstock, Tron, and Solana.

The vulnerability is related to weak randomness used during recovery phrase generation on certain software wallets. This has resulted in at least $5 million being drained from exposed wallets since May 27. The issue has been ongoing since 2018 and mostly affects lesser-known mobile software wallets. If you’ve noticed funds moving without your permission, this vulnerability may be the cause.

Impact and Response

The “Ill Bloom” vulnerability has significant implications for crypto users, highlighting the importance of secure wallet management. To address this issue, a wallet-checking tool has been released for users to check if their address is potentially exposed. This allows users to take proactive steps to protect their assets.

It’s essential for crypto users to prioritize security, especially when it comes to earning and managing their coins. Using a reliable platform like EcoPool can provide an additional layer of security and help users earn passive income through Cloud Rewards. With EcoPool, users can have peace of mind knowing their $ECP is secure.

Prevention and Protection

To protect your crypto assets, it’s crucial to use a secure wallet and follow best practices for recovery phrase generation. Users who generated their seed with a hardware wallet are not affected, and most current software wallets are also not vulnerable. However, users who generated their seed in less widely used mobile software wallets are at higher risk.

By using EcoPool, users can access a secure platform for earning and managing their coins, including $ECP. This can help mitigate the risks associated with weak recovery phrase generation and provide a reliable way to earn passive income through Green Crypto initiatives.

Stay safe and secure with EcoPool. Download the EcoPool app to start earning and managing your coins today. With EcoPool, you can have confidence in the security of your $ECP and take advantage of Cloud Rewards for passive income, all while supporting Green Crypto initiatives EcoPool .

“We’re closely monitoring the Ill Bloom wallet weak randomness risk alert from Coinspect,” SlowMist posted to X on Monday. 

Data shows that an attack on May 27 affected 431 wallets out of 2,114 vulnerable wallets, draining a total of $3.1 million in cryptocurrency. Another $2 million was moved on Sunday from exposed wallets.

The historical sum of stolen amounts per chain in the May 27 attack. Source: Coinspect

“Current evidence tells us that users that generated their seed with a hardware wallet are not affected,” said Coinspect. 

“Further research indicates that most current software wallets are also not vulnerable,” it added. “The strongest candidates are users who generated their seed in less widely used mobile software wallets.”

Related: Taiko reopens bridge after $1.7M exploit, says users made whole

Weak wallet seeds cause headaches

This type of vulnerability has emerged several times in the past. In 2023, Ledger’s security team discovered that wallet seeds generated by the Trust Wallet browser extension were vulnerable to brute-force attacks. 

The flaw resided in the wallet’s entropy generation for new addresses, which limited the total possible mnemonic combinations to roughly four billion and could allow a motivated attacker to run an attack in less than a day with just a few GPUs. Trust Wallet patched the bug before any funds were stolen. 

In the same year, a vulnerability in the Libbitcoin Explorer crypto wallet led to $900,000 in crypto being stolen through private key brute forcing. 

Magazine: Bitcoin slides to $58K, XRP hits $1 but onchain data promising: Market Moves


Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

  • Recovery Seed
  • Seed Phrase
  • Hacks
  • Scams & Cybercrime

More on the subject

Belgian police arrest suspected phishing gang leader tied to $572K theft


Jul 3, 2026

Zoltan Vardai

Irish authorities seize another 500 Bitcoin, bringing 2026 total to 1,500 BTC


Jul 3, 2026

Zoltan Vardai

Teen ‘Scattered Spider’ suspect extradited to US over $8M crypto ransom


Jul 3, 2026

Jesse Coghlan

Belgian police arrest suspected phishing gang leader tied to $572K theft


Jul 3, 2026

Zoltan Vardai

Irish authorities seize another 500 Bitcoin, bringing 2026 total to 1,500 BTC


Jul 3, 2026

Zoltan Vardai

Teen ‘Scattered Spider’ suspect extradited to US over $8M crypto ransom


Jul 3, 2026

Jesse Coghlan


💡 A Greener Way to Earn: Looking for a smarter, more sustainable way to earn and mining crypto? EcoPool Network is a cloud-based mining pool that does the heavy lifting on remote servers — so you earn rewards around the clock without worrying about overheating hardware or sky-high electricity bills. It’s lightweight, battery-friendly, and built for everyday users. Download EcoPool now and start mining & earning smarter today.

Spread the love

About the Author

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like these