CoinsPaid Falls Victim to Cyberattack, Losing $7.5 Million in Cryptocurrency
CoinsPaid, a crypto-payments service provider based in Estonia, experienced a cyberattack on January 5, resulting in the theft of approximately $7.5 million in cryptocurrency from the Binance (BNB) and Ethereum (ETH) chains.
The breach was initially reported by the Cyvers platform through its social media account. This is not the first time CoinsPaid has been targeted by hackers. In July 2023, the company suffered a breach that resulted in the theft of $37.3 million. However, CoinsPaid compensated its customers using its reserves.
The Suspected Culprit: Lazarus Group
Although it remains unknown who is responsible for the recent hack, the Cyvers team suspects that it may be the Lazarus group. Deddy Lavid, CEO of CyVers, confirmed this suspicion and stated that the stolen assets were converted to ETH and distributed across various externally owned accounts (EOAs) on both ETH and BNB chains.
The Vulnerability and Past Attacks
Lavid pointed out that inadequate wallet access control was the root cause of this incident. In fact, CoinsPaid had been alerted to potential vulnerabilities by Cyvers back in July 2023 when a $100 million theft occurred due to a hack linked to the North Korean Lazarus group.
In addition to targeting CoinsPaid, the Lazarus group has been involved in numerous hacks over the years, stealing an estimated $3 billion worth of cryptocurrency in total. In 2023 alone, they stole $600 million in digital assets.
CoinsPaid vs. Lazarus: Similar Patterns and Schemes
CoinsPaid previously suspected that the Lazarus group was behind their system attacks. Investigations revealed similar patterns and schemes preferred by the group.
In a blog post, CoinsPaid stated that the hackers socially engineered their way into the company’s internal computers. The group targeted employees for six months, offering them high-paying jobs as part of their strategy.
One employee was approached by fake HR recruiters and invited to an interview. The “interviewer” sent a link to install corporate communications software, which turned out to be a remote PC administration and management tool. This smokescreen ultimately led to the hack being reported.
Hot Take: CoinsPaid Faces Another Devastating Cyberattack
CoinsPaid, an Estonian crypto-payments service provider, has fallen victim to yet another cyberattack resulting in the theft of $7.5 million in cryptocurrency. This incident raises concerns about the security measures implemented by CoinsPaid and highlights the ongoing threat posed by hacking groups like Lazarus.
By
By
By
By
By