CoinsPaid Crypto Payment Gateway Is Hacked Once More
The second hack, involving several million dollars, hit the Estonian platform in the last six months.
In the last six months, CoinsPaid has had its second big security breach. The company provides solutions to help businesses that typically work inside the conventional financial system and consumers who choose to pay using cryptocurrency.
Every month, they facilitate more than one million transactions, worth over seven million EUR, as stated on their website. According to CoinsPaid, almost 19 billion euros’ worth of cryptocurrency transactions have been performed so far.
In a devastating incident that occurred on July 22nd, CoinsPaid lost $37.3 million. During the investigation into the hack, which included Binance, Chainalysis, and others, the company temporarily suspended operations for four days.
Postmortem examinations led authorities to the conclusion that the notorious North Korean Lazarus Group was behind the assault. Even though CoinsPaid’s hot wallets were never compromised, Lazarus was able to deceive an employee into downloading malicious malware during a staged job interview. This code enabled Lazarus to make approved withdrawal requests to the wallets.
The complicated hack reportedly occurred after months of trying to circumvent the platform’s security in a more conventional way.
“We were able to quickly put a stop to the malicious activity and drive the hackers out of the company’s perimeter because internal security measures triggered the alarm system.”
It is unknown if Lazarus is also behind the latest assault on the site, but it has unfortunately fallen victim to another one.
Cryptocurrency cybersecurity company Cyvers raised red flags late last week on a number of fraudulent transactions, including USDT, USDC, ETH, BNB, and CPD, the platform’s native cryptocurrency.
A total of $7.5 million was illegally transferred from CoinsPaid to an unofficial wallet. Crypto exchanges like ChangeNOW, WhiteBit, MEXC, and others received the redirected funds.
The similarity between this attack method and the one employed in July suggests that the CoinsPaid team may have overlooked some undesirable actors’ attempts to get access to the platform.
The sum taken is about equivalent to the numbers that CoinsPaid promises to handle monthly, even though the attack’s scope is far less than the last one.
Also Read: OpenAI says New York Times was in collaboration before lawsuit January 9, 2024