Cryptocurrency payments platform CoinsPaid has attributed the hacking of its internal systems and the theft of $37.3 million to the North Korean state-backed Lazarus Group. In a post on July 26, CoinsPaid stated that they suspect Lazarus Group, one of the most powerful hacker organizations, to be responsible for the attack. While CoinsPaid did not provide specific details on how the money was stolen, the incident resulted in the halt of operations for four days.
CoinsPaid has now resumed operations in a new, limited environment. The company assured its customers that their funds remained intact, but significant damage was done to the platform and the firm’s balance sheet. Despite the massive exploit, CoinsPaid believes that the cybercrime organization had anticipated a much larger reward. The firm filed a report with Estonian law enforcement three days after the hack and received assistance from various blockchain security firms to investigate the incident.
The CEO of CoinsPaid, Max Krupyshev, is confident that the Lazarus Group will face consequences for their actions, stating, “We have no doubt the hackers won’t escape justice.” Blockchain security firm SlowMist has suggested a possible link between the CoinsPaid hack and recent hacks in Atomic Wallet and Alphapo, which collectively resulted in the theft of $100 million and $60 million, respectively.
In addition to targeting cryptocurrency platforms, Lazarus Group is also reportedly engaged in a social engineering scheme aimed at workers in the cryptocurrency and cybersecurity sectors. Online coding platform GitHub has expressed “high confidence” that Lazarus Group is conducting this scheme, which involves compromising GitHub accounts with malware-infected NPM packages. This allows the hackers to infiltrate the victims’ computers. Socket.Dev, a cybersecurity platform, has urged software developers to exercise caution when collaborating on GitHub and to scrutinize repository invitations and requests to install npm packages on social media.
The allegations against Lazarus Group highlight the ongoing challenges faced by the cryptocurrency industry in combating cybercrime. The involvement of state-backed hacking organizations adds another layer of complexity, as it suggests the existence of sophisticated and coordinated efforts to exploit vulnerabilities in the sector. With the collaboration of law enforcement agencies and cybersecurity firms, it is hoped that these attacks can be mitigated, and the responsible parties brought to justice. The resilience and proactive measures taken by companies like CoinsPaid serve as a reminder of the constant battle against cyber threats in the digital age.