Thousands of cryptocurrency wallets could be vulnerable to attacks due to a flaw in the generation of recovery phrases (seed phrases). The issue was identified by blockchain security company Coinspect, which classified the vulnerability as "Ill Bloom".
According to the company, the flaw is related to the use of an insecure pseudorandom number generator during the creation of recovery phrases. In practice, this reduces the expected randomness, making some combinations more predictable and facilitating attacks by criminals.
The potentially affected wallets operate on the Bitcoin, Ethereum, Polygon, Rootstock, Tron and Solana networks. According to Coinspect, the issue is more common in certain software wallets for mobile devices, especially the lesser-known and less used ones.
The alert gained momentum after investigators identified losses of at least US$ 5 million in cryptocurrencies since May 27. Part of this amount was drained in an attack that compromised 431 wallets out of a universe of 2.114 vulnerable addresses, resulting in the theft of about US$ 3,1 million. Last Sunday, another US$ 2 million were moved from exposed wallets.
Coinspect advises users to verify their addresses using the tool provided by the company. Since the vulnerability may still be under exploitation, the complete technical details remain confidential to avoid new attacks.
“If there has been recent movement of funds without your permission, this vulnerability could be the cause,” said the Coinspect.
The case is also being followed by other specialized cryptocurrency security companies.
"We are closely monitoring the Ill Bloom wallet weak randomness risk alert issued by Coinspect," SlowMist posted on X on Monday.
Hardware wallets were not affected
So far, investigations indicate that users who created their recovery phrases in hardware wallets remain protected against this vulnerability.
“Current evidence indicates that users who generated their seed with a hardware wallet were not affected,” Coinspect said.
The company added that most current software wallets also do not present this issue. According to the researchers, the biggest risk is concentrated in less popular mobile applications developed in recent years.
“Additional research indicates that most current software wallets are also not vulnerable,” it added. “The strongest candidates are users who generated their seed in software wallets for less-used mobile devices.”
Similar failures have already caused losses
This is not the first time that a vulnerability in the generation of recovery phrases puts users at risk.
In 2023, researchers discovered a flaw in Trust Wallet’s browser extension that drastically limited the number of possible combinations of the seed phrases. The vulnerability could have enabled brute-force attacks using only a few GPUs, but it was fixed before any records of fund losses occurred.
In the same year, another flaw affected Libbitcoin Explorer. The issue allowed attackers to break private keys through brute force, causing the theft of approximately US$ 900 thousand in cryptocurrencies.
These episodes reinforce that a wallet’s security starts with the recovery phrase generation. When the randomness used in this process is compromised, even advanced protection mechanisms may not be enough to prevent criminals from discovering the keys and emptying the stored assets.

