CoinsPaid Falls Victim to $7.5 Million Cyber Theft; Suspected Involvement of Lazarus Group

Author : Elisabeth Louise | Published On : 09 Jan 2024

Estonian crypto-payment gateway CoinsPaid fell victim to a cyberattack on January 5, 2024, resulting in a substantial loss of approximately $7.5 million worth of various cryptocurrencies. The compromised assets included 4.8 million USDT, 500 ETH, 106,000 USDC, 924,000 BSC-USD, 268.5 BNB, and 97 million CPD tokens. The attack exposed vulnerabilities in the platform's wallet access controls, as reported by blockchain security firm Cyvers, which pointed to the involvement of the notorious Lazarus Group.

In an attempt to obfuscate the stolen funds, the attackers converted the cryptocurrencies into Ethereum (ETH) and distributed them across external accounts on both the Ethereum and Binance (BNB) chains. Some of the pilfered assets were also transferred to various centralized exchanges, including MEXC, ChangeNow, and WhiteBit. The Lazarus Group's suspected involvement in this incident adds to their extensive history of targeting crypto platforms, resulting in substantial financial losses.

This unfortunate event marks the second significant breach for CoinsPaid within six months, with both incidents attributed to the Lazarus Group. In a statement, CyVers CEO Deddy Lavid emphasized the root cause of the breach as "inadequate wallet access control." Lavid highlighted that the exchange had previously been alerted to potential vulnerabilities, underscoring the Lazarus Group's connection to similar past attacks.

The broader cryptocurrency community witnessed additional security incidents at the beginning of 2024, including unauthorized access to multisig signers leading to a loss of over $81 million for Orbit Chain. Radiant Capital and Gamma also experienced separate attacks, resulting in considerable financial damages. These incidents underscore the persistent and evolving threats facing the cryptocurrency sector.