Thousands of cryptocurrency wallets may be exposed to theft because of weaker-than-intended recovery phrases generated by some software wallets, according to blockchain security firm Coinspect. The firm has labeled the issue “Ill Bloom” and says it stems from poor randomness during seed generation, leaving certain wallets easier to brute-force than users would expect.
The affected wallets span several major networks, including Bitcoin , Ethereum , Polygon, Rootstock, Tron and Solana . Coinspect said the problem has been present in wallets created as early as 2018, with the highest risk appearing in lesser-known mobile wallets rather than in hardware devices. The firm estimates that at least $5 million has already been drained from exposed wallets since May 27, although the true figure could be higher if other chains or addresses have also been targeted.
According to the security analysis, one attack on May 27 affected 431 wallets out of 2,114 identified as vulnerable and resulted in about $3.1 million in losses. A further $2 million was moved from exposed wallets on Sunday. Coinspect has not publicly disclosed the precise exploit details, but it has released a tool that allows users to check whether their address could be at risk.
The company said there is no evidence that wallets whose seeds were generated with hardware wallets are affected. It also noted that most mainstream software wallets appear safe, with the strongest concern centered on users who created recovery phrases in smaller, less widely used mobile applications.
The incident highlights a recurring weakness in crypto security. In 2023, Ledger researchers identified a flaw in the Trust Wallet browser extension that reduced the number of possible mnemonic combinations to a level that could be attacked with substantial computing power. That issue was fixed before losses were reported. In another case that same year, a flaw in Libbitcoin Explorer led to roughly $900,000 in stolen funds through private key brute-force attacks.USD/IDR extended its advance for a second straight session on Monday, trading near 18,040 during Asian hours. The rupiah remained under pressure as the US dollar drew support from expectations that the Federal Reserve could raise interest rates again before the end of the year.
Market pricing continues to point to a high likelihood of additional tightening. Current futures-based estimates assign roughly a 77% probability to a year-end rate hike, reflecting persistent concern that US policy may stay restrictive for longer than previously expected. Traders are now looking to upcoming US data for fresh clues on the strength of the economy and the likely path for rates.
Later in the day, attention will turn to the ISM Services PMI, which could help gauge whether the services sector is still expanding at a solid pace. The market will also watch the Federal Reserve’s June meeting minutes due on Wednesday, as policymakers’ discussion may offer more detail on how officials view inflation, labor conditions, and the timing of any future moves.
At the same time, the dollar’s momentum may not be entirely one-way. Softer-than-expected US employment figures released last week tempered confidence in a near-term rate hike. Nonfarm Payrolls rose by only 57,000 last month, well below expectations of 110,000, even though the unemployment rate edged down to 4.2% from 4.3%. The weaker hiring trend has fueled questions about whether the US economy is losing speed.
In Indonesia, investors are awaiting the June foreign exchange reserves report due on Wednesday. The previous month showed reserves at a near two-year low after a fifth consecutive decline, as authorities intervened heavily to support the rupiah. The ongoing drawdown has heightened concern over external buffers and prompted warnings from credit analysts about possible pressure on Indonesia’s financial position.