.png){kind=logo}
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
On July 22, 2023, CoinsPaid, a leading cryptocurrency payment gateway, announced that it had suffered a hacker attack that resulted in the theft of US$37.3 million worth of digital assets. The company suspects that the notorious Lazarus Group, a cybercrime organization linked to the North Korean government, is behind the attack.
According to CoinsPaid, the hackers spent six months trying to infiltrate its systems and find vulnerabilities. They used various tactics, such as social engineering, DDoS, and brute force attacks, to gain access to the company's servers and wallets. The hackers also posed as a Ukrainian crypto processing startup and contacted CoinsPaid's engineers with a list of questions regarding its technical infrastructure.
On July 22, the hackers launched their final attack and managed to steal US$37.3 million worth of cryptocurrencies from CoinsPaid's hot wallets, which are online wallets that store funds for immediate transactions. The hackers transferred the stolen funds to various addresses and platforms, using sophisticated money laundering schemes to evade detection and tracking.
CoinsPaid said that it detected the attack within minutes and took immediate action to stop it and secure its systems. The company also notified its clients and partners and assured them that their funds were not affected and were fully available. CoinsPaid said that it is now working with Estonian law enforcement and several blockchain security firms, such as Chainalysis, Match Systems, and Crystal, to investigate the attack and recover the stolen funds.
CoinsPaid also pointed the finger at the Lazarus Group, one of the most powerful and notorious hacker groups in the world, as being responsible for the attack. The Lazarus Group is known for conducting cyberattacks against various targets, such as governments, corporations, banks, and cryptocurrency platforms, allegedly on behalf of the North Korean regime. Some of the most notable attacks attributed to the Lazarus Group are:
The Sony Pictures hack in 2014, leaked confidential data and threatened to cancel the release of a comedy film about the assassination of the North Korean leader.
The WannaCry ransomware attack in 2017, infected hundreds of thousands of computers worldwide and demanded ransom in Bitcoin to unlock them.
The Bangladesh Bank heist in 2016, attempted to steal US$1 billion from the central bank's account at the Federal Reserve Bank of New York but only succeeded in transferring US$81 million to accounts in the Philippines.
The Coincheck hack in 2018, stole US$530 million worth of NEM tokens from the Japanese cryptocurrency exchange, making it one of the largest crypto thefts in history.
CoinsPaid is not the only crypto platform that has been targeted by the Lazarus Group recently. In the past few months, several other crypto platforms, such as Atomic Wallet, Axie Infinity, and Horizon Bridge, have also reported being hacked and losing millions of dollars' worth of cryptocurrencies. Some security experts believe that these attacks are part of a coordinated campaign by the Lazarus Group to acquire foreign currency and fund the North Korean regime, which is facing economic sanctions and isolation.
CoinsPaid said that it is confident that the hackers will not escape justice and that it will continue to provide its services and improve its security. The company also thanked its clients and partners for their support and trust and urged the crypto community to be vigilant and cautious.
