According to Coinspect Security, a wallet generation vulnerability named "Ill Bloom" was exploited to control affected wallets and steal funds on July 6. The flaw has impacted wallets across multiple blockchains since 2018, with affected wallets still being generated in recent weeks. Coinspect disclosed that approximately $3 million was stolen from hundreds of accounts on May 27, with an additional $2 million transferred from exposed wallets in the past hours.
Thousands of accounts remain at risk across Bitcoin, Ethereum, Layer 2 networks, Tron, and Solana. Coinspect launched an address checking tool and urged wallet providers to integrate lightweight weak seed phrase detection. Slowmist Chief Information Security Officer 23pds advised users to check for active historical seed phrases exposed to this vulnerability.