Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Jul 10, 2026 - 13:05
0 0
Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out and take everything it controls.

Coinspect has confirmed one coordinated sweep on May 27 that drained about $3.1 million from 431 wallets. It says roughly $2 million more has moved from exposed wallets since then. How much of that was theft, and how much was owners moving their own funds to safety, is not yet clear.

As the firm puts it, "if funds recently moved without your permission, this vulnerability may be why."

Most people are probably fine. Coinspect says wallets created on hardware devices are not affected, and most mainstream software wallets are not either. The real risk sits with older or lesser-known mobile wallets, some going back to 2018.

Coinspect has not named the apps involved, so the only way to know is to check. Paste your public wallet address into the free checker at illbloom.org. A match means the recovery phrase should be treated as compromised, so move your funds to a new wallet.

What actually broke

Every self-custody wallet starts with a recovery phrase, usually 12 or 24 words, also called a seed phrase. Those words are meant to be picked at random from a pool so vast that guessing them is hopeless. The affected wallets were not random enough. Their software used a weak random-number generator when it created the phrase.

That shrank the pool of possible phrases from astronomically large to a range that an attacker could search. Coinspect has not published exactly how small.

Cybersecurity

Coinspect says it rebuilt the attack from end to end. It worked through the full set of phrases the weak generator could produce, derived the wallet addresses each one leads to, then checked public blockchain records for the addresses still holding funds.

The result is a watchlist of wallets that were born weak, regardless of which app generated them.

The theft, by the numbers

As of June 30, Coinspect had traced 2,114 exposed addresses with on-chain activity across Bitcoin, Ethereum, Rootstock, Tron, and Polygon. The May 27 sweep drained about $3.1 million from 431 of them. Bitcoin took the worst of it at roughly $2.57 million, and a single Bitcoin address lost more than $1.1 million on its own.

Coinspect could tell it was one coordinated theft because hundreds of unrelated wallets sent their balances to the same few collection addresses within hours.

Counting the latter movements, more than $5 million has left these wallets since May 27. Coinspect calls that a floor, not a ceiling: it has mapped only this set of addresses so far and expects more. At its 2022 peak, the same set was worth a reconstructed $12.56 million, though most of that value had already fallen with the market before the May 27 sweep.

What to do

The checker at illbloom.org compares a public wallet address against Coinspect's list of known-vulnerable wallets. It accepts Bitcoin, Tron, Solana, and Ethereum-style addresses (Ethereum, Polygon, BNB, and other EVM chains).

One weak phrase can expose funds on every chain it controls, so check every address tied to the same seed, not just the ones already drained. A clean result is not a guarantee, since the list is incomplete, but a match is a clear warning.

If your address matches:

  1. Treat the recovery phrase as compromised. The money is not safe just because it has not moved yet.
  2. Create a brand-new wallet with a brand-new phrase. You should see a fresh set of 12 to 24 words. If an app asks you to type in your old phrase, you are reopening the weak wallet, not making a new one.
  3. Move your funds to the new wallet. Reinstalling the old app or importing the same phrase somewhere else changes nothing.

One more warning. Scams like this pull in scammers who offer to "rescue" your money. A real checker never needs a secret. Coinspect says it "will never ask for seed phrases, private keys, signatures, or approvals, or ask users to send funds to 'recover' or protect a wallet."

Do not type your recovery phrase, private key, password, or backup file into any site or message, ever. A hardware wallet is the safest place to move funds, but generate a fresh phrase on the device rather than importing the old one.

We have seen this before

This is an old failure with a new name. Coinspect took "Ill Bloom" from "illness blossom," the first weak phrase its generator produces, the same way Milk Sad was named after "milk sad" in 2023. That bug (CVE-2023-39910), in the Libbitcoin Explorer command-line tool, let thieves drain millions in one sweep that July.

A close cousin (CVE-2023-31290) hit the Trust Wallet browser extension the same year, crackable in under a day.

Cybersecurity

The same trap caught Randstorm, the weak-randomness flaw THN covered in 2023, which left Bitcoin wallets made between 2011 and 2015 crackable because the browser code behind them used poor random numbers.

The researchers noted then that the flaw was baked into those wallets forever, and the only fix was to move the funds to a new wallet made with better software. That is exactly the fix for Ill Bloom.

Every few years, a wallet's random-number generator turns out to be predictable. Wallets that looked safe become drainable. The fix is always the same: move the money somewhere new. The wallet looks fine, and the words look random, but the machine that picked them was predictable. A predictable key is barely a key at all.

What's next

The open question now is which apps generated the weak phrases. A public address does not reveal the one that made it, so Coinspect is asking matched users to report what they used, and passing findings to the vendors and teams that can act on them.

The Hacker News has reached out to Coinspect for comment on which wallet apps produced the weak recovery phrases and the scope of the exposed set, and will update this story with any response."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Wow Wow 0
Sad Sad 0
Angry Angry 0

Comments (0)

User