TLDR Security firm Coinspect uncovered a vulnerability called “Ill Bloom” affecting crypto wallets across Bitcoin, Ethereum, Polygon, Tron, Solana and more TheTLDR Security firm Coinspect uncovered a vulnerability called “Ill Bloom” affecting crypto wallets across Bitcoin, Ethereum, Polygon, Tron, Solana and more The

Coinspect Warns Thousands of Crypto Wallets Vulnerable to Ill Bloom Exploit

2026/07/06 15:36
3 min read
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

TLDR

  • Security firm Coinspect uncovered a vulnerability called “Ill Bloom” affecting crypto wallets across Bitcoin, Ethereum, Polygon, Tron, Solana and more
  • The flaw stems from weak random number generation during recovery phrase creation in certain mobile software wallets
  • At least $5 million has been stolen since May 27, with $3.1 million taken from 431 wallets in a single attack
  • Wallets generated as far back as 2018 are potentially at risk
  • Coinspect has released a free tool for users to check if their wallet address is exposed

Blockchain security firm Coinspect has disclosed a vulnerability it calls “Ill Bloom,” which has put thousands of crypto wallets at risk of being drained.

The flaw is tied to weak randomness in how some software wallets generate recovery phrases. When the random number generator used during wallet creation is not secure enough, it makes the resulting seed phrases easier to predict and exploit.

Coinspect Warns Thousands of Crypto Wallets Vulnerable to Ill Bloom Exploit

Wallets across Bitcoin, Ethereum, Polygon, Rootstock, Tron, and Solana are affected.

The vulnerability has been present since at least 2018. Coinspect says wallets were still being generated with this flaw in recent weeks, meaning new users could also be at risk.

How the Attacks Unfolded

On May 27, attackers hit 431 wallets out of 2,114 identified as vulnerable, stealing $3.1 million in cryptocurrency.

More funds were moved on Sunday, with around $2 million drained from exposed wallets. The total stolen stands at a minimum of $5 million, though Coinspect says the true number could be higher across additional networks.

Coinspect has not published the full technical details of the exploit to avoid giving attackers more information.

The firm says hardware wallet users are not affected. Most mainstream software wallets are also believed to be safe. The highest-risk group is users who generated their seed phrase using lesser-known mobile software wallets.

Past Cases of Weak Wallet Seeds

This is not the first time weak seed generation has caused problems.

In 2023, Ledger’s security team found that Trust Wallet’s browser extension generated seeds with limited randomness. The flaw narrowed possible phrase combinations to around four billion, which could be cracked in under a day using a few GPUs. Trust Wallet fixed the bug before any funds were taken.

Also in 2023, a flaw in the Libbitcoin Explorer wallet led to $900,000 being stolen through private key brute-forcing.

Coinspect says the Ill Bloom issue does not come from a single wallet provider, making it harder to contain.

Security monitoring firm SlowMist confirmed it is tracking the situation. Coinspect is urging wallet providers to integrate weak mnemonic detection tools into their software.

Users who think they may be affected can use Coinspect’s wallet-checking tool to see if their address is exposed. If funds have moved without permission, Coinspect says the vulnerability may be the cause.

The post Coinspect Warns Thousands of Crypto Wallets Vulnerable to Ill Bloom Exploit appeared first on CoinCentral.

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs