You can check the website statistics yourself or request them from us at [email protected]
On this platform, only organic high-quality traffic
Bitcoin
$ 30,725

CoinsPaid Faces Second Security Breach in Six Months, Unauthorized Transactions Totaling $7.5 Million Detected

Estonian digital asset payment processor CoinsPaid has experienced its second security breach in the last six months, resulting in unauthorized transactions totaling nearly $7.5 million, as reported by web3 security firm Cyvers.

Cyvers’ AI system detected multiple irregular transactions at 1:26 pm GMT on January 6, leading to the withdrawal of $6.1 million worth of digital assets, including Tether (USDT), Ether (ETH), USD Coin (USDC), and CoinsPaid’s native token CPD. The attacker allegedly exchanged approximately 97 million CPD tokens, valued at around $368,000, for ETH, subsequently transferring the funds to externally owned accounts (EOAs) and various cryptocurrency exchanges, including MEXC, WhiteBit, and ChangeNOW.

Further analysis by Cyver uncovered additional unauthorized transactions involving BNB (Binance Coin) worth over $1 million, bringing the total stolen amount close to $7.5 million. Cyver shared transaction details on social media, including the hacker’s address.

As of now, CoinsPaid has not issued any official updates or announcements regarding the security breach.

CoinsPaid Faces Second Major Security Breach

The recent security incident marks the second breach for CoinsPaid within six months, following a prior hack in July 2023, where hackers made off with over $37.3 million. According to CoinsPaid, the recent breach involved an attacker deceiving one of its employees through a fake job interview, resulting in the download of malicious code that facilitated unauthorized access to CoinsPaid’s infrastructure.

In the July incident, the hackers employed sophisticated social engineering techniques by posing as potential employers and targeting individual workers. The compromised employee unwittingly downloaded malicious code, granting the hackers access to CoinsPaid’s infrastructure. Exploiting a vulnerability in the platform’s cluster, the attackers created a backdoor and acquired information that enabled them to mimic legitimate requests for interaction with the blockchain. This ultimately facilitated the withdrawal of funds from CoinsPaid’s operational storage vault.

CoinsPaid suspected the involvement of the Lazarus Group, a renowned group known for its sophisticated cyberattacks, in the July hack. The company collaborated with blockchain security firm Match Systems to trace the stolen funds, with a substantial portion identified on SwftSwap. The tactics utilized by the hackers in both the recent and July incidents closely resembled those associated with the Lazarus Group, heightening suspicion.

Following the recent breach, CoinsPaid promptly filed a report with Estonian law enforcement just three days after the incident to facilitate a comprehensive investigation. Blockchain security firms, including Chainalysis, Match Systems, and Crystal, played a crucial role in CoinsPaid’s initial investigation during the initial days.

Lazarus Group’s Cryptocurrency Holdings Exceed $47 Million

CoinsPaid confronts the formidable challenge of bolstering the security of its platform and infrastructure, given the occurrence of two significant security breaches within a span of six months. The cryptocurrency industry, grappling with evolving threats, has been contending with persistent challenges in fortifying the security of payment gateways.

Of notable concern is the Lazarus Group, a notorious North Korean hacking organization, which reportedly holds cryptocurrency assets exceeding $47 million. The bulk of their holdings comprises Bitcoin (BTC). In a report from institutional crypto platform provider 21.co in October 2023, it was revealed that wallets associated with the Lazarus Group contained approximately 1,600 Bitcoin, 10,810 Ether (ETH), and 64,490 Binance Coin (BNB). The cumulative value of cryptocurrency in the hacker group’s wallets was estimated at a staggering $75 million at the time of the report.

Related Posts

Leave a Reply

Confirm now and stay with our news

What we write about

I want to save money. Will cryptocurrency work?

Cryptocurrency is essentially virtual money that operates in a decentralized manner, not through a bank but directly on multiple independent computers.

Every cryptocurrency has two main components: the units of digital exchange called “coins” and the network within which the exchange takes place. These units can be transferred between wallets and exchanged on exchanges. The networks in which these coins exist are called blockchains, which translates to “chains of blocks.”

Latest Articles

S&P Global Ratings joins Singapore MAS’s Project Guardian
28.06.2024By
Boden Memecoin Crashes After US President Biden’s Poor Debate Performance
28.06.2024By
Steno Research Expects $15-20B Inflows into Ether Spot ETFs, Predicts $6,500 Price Target
28.06.2024By

Latest news

S&P Global Ratings joins Singapore MAS’s Project Guardian
28.06.2024
Boden Memecoin Crashes After US President Biden’s Poor Debate Performance
28.06.2024
Steno Research Expects $15-20B Inflows into Ether Spot ETFs, Predicts $6,500 Price Target
28.06.2024
Bitcoin Mining Firm CleanSpark Acquires GRIID in $155M Stock Deal
28.06.2024
Elastos Partners With BEVM to Launch Bitcoin P2P Loans, Targeting $1.3T in Dormant Value
28.06.2024
Coinbase Files Lawsuits Against SEC, FDIC Over FOIA Request
27.06.2024
UK Watchdog Boosts Crypto Division to 100 Staff Members
27.06.2024
Hong Kong Government Explores DeFi and Metaverse to Boost Fintech Dominance
27.06.2024
Spot Ether ETFs May Receive US Approval by July 4: Report
27.06.2024
Bitcoin ETFs See Inflows for Second Consecutive Day as BTC Holds Steady at $60K
27.06.2024