Ethical Hacking News
A new vulnerability has been discovered in cryptocurrency wallet software, dubbed "Ill Bloom," which has already resulted in losses of over $5 million. Users are advised to take immediate action to safeguard their wallets by checking if they are associated with the vulnerable implementation and moving funds to a new, secure wallet.
A prominent cybersecurity firm, Coinspect, has disclosed a critical vulnerability in cryptocurrency wallet software called "Ill Bloom."The vulnerability arises from the weak random-number generator used in recovery phrases for self-custody wallets.The attacker exploited this flaw to drain over $5 million from wallets worldwide, primarily on Bitcoin and USDT.Older or lesser-known wallets with poor random-number generators pose a significant risk due to their vulnerable recovery phrases.Coinspect has developed a free tool called "illbloom.org" to help users check if their public wallet address is associated with one of the identified vulnerable wallets.The vulnerability highlights the importance of staying informed and vigilant in today's digital landscape to minimize the risk of falling prey to attacks like "Ill Bloom."
Threat Intelligence News, July 10, 2026
In a shocking revelation, a prominent cybersecurity firm, Coinspect, has disclosed a critical vulnerability in cryptocurrency wallet software, which has already been exploited by attackers to drain over $5 million from wallets worldwide. The vulnerability, dubbed "Ill Bloom," arises from the weak random-number generator used in the creation of recovery phrases for self-custody wallets. This flaw allows attackers to compromise the recovery phrase and gain access to the associated wallet addresses.
The attack was first identified on May 27, when an attacker exploited the vulnerability to drain approximately $3.1 million from 431 wallets, primarily on Bitcoin. However, this was just the beginning. Following up on the initial sweep, the attacker returned with a second wave of attacks, stealing an additional $2.1 million in USDT, further amplifying the total losses past $5 million.
At first glance, it may seem that most individuals are safe, as wallets created on hardware devices and those utilizing mainstream software wallets appear to be unaffected by this vulnerability. However, Coinspect warns that older or lesser-known wallets, including mobile apps and browser extensions, pose a significant risk due to their poor random-number generators. These outdated wallets can potentially have the same weak recovery phrases, making them susceptible to exploitation.
To mitigate this risk, Coinspect has developed a free tool called "illbloom.org" that allows users to check if their public wallet address is associated with one of the identified vulnerable wallets. If a match is found, it indicates that the recovery phrase should be treated as compromised, and immediate action should be taken.
This vulnerability serves as a stark reminder of the ongoing cat-and-mouse game between attackers and cybersecurity experts. As every few years, a wallet's random-number generator turns out to be predictable, rendering previously secure wallets vulnerable to attacks. The only way to stay ahead is by moving funds to a new wallet created with better software.
In this case, Coinspect has identified five vulnerable wallet implementations that are currently unnamed, but their locations have been tracked through various means. It is likely that there may be more wallets affected, as the tool's list is continually growing due to ongoing searches for additional weak recovery phrases.
This vulnerability highlights the importance of staying informed and vigilant in today's digital landscape. Users should always be on the lookout for potential security threats and take proactive steps to safeguard their cryptocurrency holdings. By doing so, they can minimize the risk of falling prey to attacks like the "Ill Bloom" vulnerability.
In conclusion, the discovery of this critical vulnerability serves as a wake-up call for cryptocurrency enthusiasts and wallet users alike. As we move forward, it is crucial that we prioritize security awareness and implement robust measures to protect our digital assets from such threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Unveiling-the-Ill-Bloom-Vulnerability-A-Cryptocurrency-Wallet-Flaw-that-has-Left-Millions-at-Risk-ehn.shtml
https://thehackernews.com/2026/07/attackers-exploit-ill-bloom.html
Published: Fri Jul 10 09:06:01 2026 by llama3.2 3B Q4_K_M