Published
9 months ago on
July 27, 2023
Table of Contents
Crypto payments platform CoinsPaid believes North Korean Lazarus Group was behind the hack that saw $37 million stolen from the platform.
The platform has restarted operations after halting them in the wake of the hack and has proposed a roundtable with other victims of the Lazarus Group.
Lazarus Group Behind Hack
CoinsPaid had halted all operations following the hack that hit the platform on the 22nd of July, with hackers stealing over $37 million. In a post published on the 26th of July, the company pointed at the dreaded Lazarus Group, accusing it of orchestrating the hack while announcing the resumption of processing services. The company stated in the post,
“On the 22nd of July, CoinsPaid experienced a hacker attack, resulting in the theft of USD 37.3M. We suspect Lazarus Group, one of the most powerful hacker organizations, is responsible. In response to the attack, the company’s dedicated team of experts has worked tirelessly to fortify our systems and minimize the impact, leaving Lazarus with a record-low reward. Indeed, our security measures and procedures allowed CoinsPaid to prevent higher loss of funds.”
The Lazarus Group has become one of the most feared hacker organizations and has targeted some of the biggest companies in the world, including Sony, Alphapo, Atomic Wallet, Horizon Bridge, and Axie Infinity. The Axie Infinity hack alone saw the group steal a staggering $625 million.
Customer Funds Secure
The post also confirmed that the platform had resumed operations in a new, secure, and limited environment.
“After the partial downtime, our services are getting up and running one by one in the new secured environment. We expect it to take a few more days to sort out minor details and ensure the system works smoothly.”
The firm assured users that their funds were safe. However, it acknowledged that the company’s balance sheet had taken a considerable hit. Despite the loss, the company believes that Lazarus was hoping to extract a much larger sum from the platform, but the company’s team of experts was able to thwart their attempts.
“We believe Lazarus expected the attack on CoinsPaid to be much more successful. In response to the attack, the company’s dedicated team of experts has worked tirelessly to fortify our systems and minimize the impact, leaving Lazarus with a record-low reward.”
CoinsPaid’s preliminary investigation was assisted by blockchain security firms, including Match Systems, Chainalysis, and Crystal. CoinsPaid CEO Max Krupyshev stated,
“CoinsPaid will recover and continue delivering first-class innovative payment solutions despite the incident. We have no doubt the hackers won’t escape justice.”
Roundtable With Other Victims
According to the online coding platform GitHub, the Lazarus Group is actively targeting entities and users in the crypto and cybersecurity space. Cybersecurity platform Socket.Dev outlined how the hacker group targets users by compromising their accounts through Malware. According to Socket.Dev, the first point of contact are social media platforms such as WhatsApp.
Just last month, Elliptic, a blockchain forensics firm, revealed that the group had managed to hack Atomic Wallet, with the platform losing around $100 million. Meanwhile, online crypto sleuth ZachXBT revealed that the Alphapo hack resulted in a loss of $60 million. The Alphapo hack also impacted CoinsPaid, as the two organizations are closely associated with one another. CoinsPaid revealed that it would be organizing a roundtable with other victims of the Lazarus Group and launching an initiative to minimize such attacks in the future.
“Within a few weeks, CoinsPaid will organize a round table with all the Lazarus victims to announce a new initiative aimed at minimizing and preventing such attacks in the future. We urge Binance, Kraken, Coinbase, Bitfinex, OKX, and others to participate in this vital process.”
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Investment Disclaimer
