Key Takeaways
- Blockchain security company Coinspect has identified a critical security weakness dubbed “Ill Bloom” that impacts cryptocurrency wallets on Bitcoin, Ethereum, Polygon, Tron, Solana, and additional networks
- The security issue originates from inadequate random number generation used when creating wallet recovery phrases in specific mobile wallet applications
- Hackers have successfully stolen a minimum of $5 million starting May 27, including one coordinated assault that emptied 431 wallets totaling $3.1 million
- The vulnerability has existed since 2018, meaning wallets created years ago could still be compromised
- Users can verify their wallet’s safety using a complimentary verification tool provided by Coinspect
Coinspect, a prominent blockchain security organization, has revealed a critical security flaw named “Ill Bloom” that threatens thousands of cryptocurrency wallets worldwide.
The security weakness is rooted in insufficient randomness during the seed phrase generation process used by certain software wallets. When wallet applications employ inadequate random number generators during the creation phase, the resulting mnemonic phrases become susceptible to prediction and exploitation by malicious actors.
Multiple blockchain networks are impacted, including Bitcoin, Ethereum, Polygon, Rootstock, Tron, and Solana.
According to Coinspect’s investigation, this security flaw has existed for at least six years, dating back to 2018. Alarmingly, vulnerable wallets were still being created as recently as several weeks ago, putting both longtime users and newcomers at serious risk.
Timeline of the Exploitation Campaign
The first major coordinated attack occurred on May 27, when cybercriminals targeted 431 wallets from a pool of 2,114 identified vulnerable addresses, successfully draining $3.1 million worth of digital assets.
A second wave of attacks struck over the weekend, with approximately $2 million extracted from compromised wallets. Current estimates place total losses at a minimum of $5 million, though Coinspect suggests the actual figure may be considerably higher when accounting for losses across all affected blockchain networks.
To prevent further exploitation, Coinspect has deliberately withheld complete technical specifications of the vulnerability, limiting the information available to potential attackers.
According to the security firm, hardware wallet owners remain unaffected by this particular vulnerability. Most popular software wallet providers are also considered secure. The primary risk group consists of individuals who generated their recovery phrases using obscure or lesser-known mobile wallet applications.
Historical Precedents of Seed Generation Vulnerabilities
The Ill Bloom vulnerability is not an isolated incident in the cryptocurrency security landscape.
During 2023, Ledger’s cybersecurity division discovered that the browser extension version of Trust Wallet contained a seed generation weakness that significantly reduced randomness. This flaw reduced potential phrase combinations to approximately four billion possibilities, making it feasible for attackers to crack wallets within 24 hours using modest GPU computing power. Trust Wallet addressed the vulnerability before any user funds were compromised.
Similarly in 2023, a security weakness in the Libbitcoin Explorer wallet software resulted in $900,000 being stolen through systematic private key brute-force attacks.
What makes the Ill Bloom vulnerability particularly concerning is that it doesn’t originate from a single wallet provider, making remediation efforts more complex and widespread.
SlowMist, a respected security monitoring organization, has confirmed it is actively tracking the ongoing situation. Coinspect is calling on wallet developers to implement weak mnemonic detection capabilities directly into their applications.
Concerned users can access Coinspect’s specialized verification tool to determine whether their wallet addresses are vulnerable. If unauthorized transactions have occurred from your wallet, the Ill Bloom vulnerability may be responsible.



