Blockchain security firm Coinspect has identified a critical security flaw dubbed the “Ill Bloom” vulnerability, which resulted in a coordinated sweep of approximately $3.1 million from hundreds of crypto wallets. The exploit, which took place on May 27, 2026, targeted 431 specific wallets in a matter of hours.
This incident stems from a fundamental weakness in how certain mobile wallets generate recovery phrases, allowing attackers to predict and regenerate secret keys.
Predictable randomness compromises wallet security
The security firm traced the root cause to an insecure pseudorandom number generator (PRNG) used during the initial wallet creation process. This flaw meant that instead of truly random seed phrases, the software produced recovery phrases with significantly less cryptographic strength than intended.
While the coordinated attack occurred recently, Coinspect noted that affected addresses date back as far as 2018, primarily tracing back to lesser-known mobile applications.
The core of the Ill Bloom vulnerability lies in the lack of cryptographic entropy. When a user creates a new non-custodial wallet, the software is meant to use high-quality randomness to produce a unique 12 or 24-word recovery phrase. However, in the affected cases, the generator was mathematically predictable.
This failure allows an attacker to regenerate the entire range of possible phrases and then match those keys against funded addresses on public blockchains.
Coinspect researchers confirmed the severity of the flaw by reproducing the attack end-to-end. By checking the predictable set of keys against blockchain data, the firm identified a monitored set of 2,114 funded addresses across various networks. At their historical peak in April 2022, these specific wallets reportedly held up to $12.56 million, though the May 27 sweep focused on a smaller subset of high-value targets.
This situation mirrors past security failures like the Milk Sad vulnerability, where weak randomness also led to significant asset loss. While many investors monitor Bitcoin price analysis for signs of market volatility, this event proves that the underlying software used to store assets remains a critical point of failure. If the randomness used to build the wallet is flawed, the assets are never truly secure.
Bitcoin and Ethereum users targeted in sweep
The May 27 coordinated sweep hit multiple blockchains simultaneously, with attackers consolidated the stolen funds into a handful of shared collector addresses. According to Coinspect, the weakness spans several major networks, including Bitcoin (BTC), Ethereum (ETH), and Solana (SOL). Bitcoin alone absorbed the largest portion of the losses, totaling approximately $2.57 million, with one single account being drained of over $1.1 million.
In addition to these major chains, researchers also monitored funded addresses on Polygon, Rootstock, and Tron that were potentially exposed to the same class of weak randomness. As the Ethereum recovery outlook continues to face scrutiny from technical analysts, the Ill Bloom disclosure adds a fresh layer of concern regarding wallet software integrity.
Coinspect stated that the $3.1 million figure is a lower bound, as new affected accounts continue to surface.
Steps for users to secure vulnerable funds
To assist the community, Coinspect has released a checker tool that allows holders to verify if their public addresses are part of the known vulnerable dataset. However, the firm warned that a negative result is not a definitive guarantee of safety. The researchers urged any users who generated recovery phrases on obscure mobile wallets between 2018 and early 2026 to migrate their funds immediately.
It is important to note that hardware wallet users are unaffected by this specific vulnerability. Devices from major manufacturers use specialized hardware to ensure high-quality cryptographic randomness during seed generation. Users who find their addresses are exposed should create a brand-new wallet with a fresh recovery phrase and manually transfer their assets, rather than importing the old phrase into a new app.
As fraudulent recovery schemes often follow major security disclosures, Coinspect reminded the public that they will never ask for private keys, seed phrases, or approvals. Any service claiming to “recover” or “protect” a wallet by requesting these secrets is a scam designed to steal the remaining funds. The only reliable fix is a complete migration to a fresh, secure set of keys.
Looking ahead at crypto security standards
The discovery of the Ill Bloom vulnerability comes during a year of heightened security alerts for the digital asset industry. Cyber security firms including CertiK and PeckShield are expected to release deeper technical analyses of the flaw to help developers patch vulnerable libraries.
Furthermore, companies like Binance have already begun issuing critical security alerts to mobile users to prevent similar exploits from occurring on mobile operating systems.
The industry is currently pushing for better defaults, such as the new Ethereum Clear Signing standard, to improve transparency during transactions. However, the Ill Bloom case highlights that the primary point of failure often happens at the very beginning of the user journey — during the creation of the seed phrase itself.
For long-term holders, the safest path remains the use of verified hardware for key generation and storage.
