A wallet flaw called 'Ill Bloom' — why weak recovery phrases can drain your coins
Security firm Coinspect has disclosed a vulnerability it calls "Ill Bloom" that affects thousands of crypto wallets acro…
Security firm Coinspect has disclosed a vulnerability it calls "Ill Bloom" that affects thousands of crypto wallets across several blockchains, including Bitcoin, Ethereum, Polygon, Tron and Solana. The problem is not a broken blockchain but weak "randomness" in how some wallet apps generated their recovery phrases, and at least $5 million has already been drained from affected wallets since late May.
A crypto wallet's recovery phrase — the string of 12 or 24 words you are told to write down and never share — is supposed to be generated from a truly unpredictable random number, so that no attacker could ever guess it. Coinspect says certain wallet apps used an insecure random-number generator, which made those phrases far more guessable than intended. Wallets created as early as 2018 may be exposed, and the issue shows up most often in lesser-known mobile software wallets.
The damage is already real. Coinspect reported that a single attack on May 27 hit 431 out of 2,114 vulnerable wallets and drained about $3.1 million, with a further $2 million moved out of exposed wallets on Sunday. Security monitor SlowMist said it was tracking the alert. Coinspect has not published the technical details of the live exploit but has released a tool that lets people check whether their own address may be exposed.
Importantly, this does not appear to affect everyone. Coinspect said seeds generated with a hardware wallet are not affected, and that most widely used software wallets also appear safe. The strongest candidates for risk are people who created their recovery phrase in a less common mobile wallet app.
This kind of flaw has appeared before. In 2023, researchers found that seeds made by the Trust Wallet browser extension could be brute-forced because they drew from only about four billion possible combinations; it was patched before funds were lost. A separate 2023 bug in the Libbitcoin Explorer tool led to about $900,000 being stolen.
If you hold crypto, the beginner takeaway is not to panic but to understand where your recovery phrase came from. A phrase generated by a reputable hardware wallet or a major, well-audited app is the safest starting point. A checking tool that only asks for your public address is fine, but any tool that asks you to type in your secret recovery phrase is a scam. And if you suspect you used a lesser-known mobile wallet, the safest move is to create a new wallet with a trusted device and move your funds there.