CoinsPaid, a crypto payment service, battles the notorious Lazarus Group in a cyber attack that resulted in a $37.3M theft

Continue reading
On July 22nd, 2023, the Estonian crypto-payments service provider, CoinsPaid, was targeted in a cyber attack that resulted in the theft of a staggering $37.3 million worth of cryptocurrency. In a shocking revelation, CoinsPaid has accused the notorious Lazarus Group, a financially-motivated North Korean hacking organization, which has recently victimized JumpCloud of orchestrating the attack.
Despite the severity of the incident, CoinsPaid demonstrated unparalleled resilience in safeguarding client funds, which remained unaffected by the breach. This Threatfeed delves into the underlying details surrounding the attack, the company's swift response, and its collaboration with prominent blockchain analysts and law enforcement to bring the culprits to justice.
CoinsPaid's assertion that the Lazarus Group was behind the attack adds another chilling chapter to the threat actor's notorious track record. Known for targeting high-profile organizations, Lazarus has left a trail of financial devastation, with Sony, Axie Infinity, Horizon Bridge, Atomic Wallet, and Alphapo counted among its victims. The group's audacious attempt to breach CoinsPaid points to a calculated scheme, aiming for a more significant cash-out than ultimately achieved.
In the wake of the attack, CoinsPaid's response was nothing short of remarkable. The company's dedicated team of cybersecurity experts leaped into action, fortifying the platform's defenses and mitigating the extent of the damage. Thanks to their swift and decisive efforts, the hackers' reward was kept at a record low, leaving Lazarus frustrated in the face of CoinsPaid's formidable defenses.
Despite the resilience displayed by CoinsPaid, the attack did have some adverse effects on the platform's availability, temporarily disrupting services. However, the company reassures customers that client funds remain entirely secure and accessible. CoinsPaid is actively working to restore full functionality in its new, more secure environment, aiming to minimize any further disruptions.
CoinsPaid's commitment to investigating the incident is commendable. The company has partnered with renowned blockchain analytics firms such as Crystal, Chainalysis, Match Systems, Valkyrieinvest, Staked.us, OKCoinJapan, and Binance to track and mark the stolen funds.
Additionally, Estonian law enforcement authorities are fully engaged in the investigation, with CoinsPaid promptly filing an official report on July 25th. As the crypto community unites against malicious actors, CoinsPaid's collaboration sets a powerful precedent for collective action against cybercrime.
In the face of the Lazarus threat, CoinsPaid is calling on other prominent crypto payment processors, including Binance, Kraken, Coinbase, Bitfinex, and OKX, to join forces in safeguarding the industry against future attacks. Establishing a round table with all Lazarus victims aims to facilitate knowledge sharing and the development of preventive measures, ensuring a more resilient future for cryptocurrency payment processors.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation