On January 6, CoinsPaid, the Estonian cryptocurrency payments service provider, fell victim to a significant security breach. The cyberattack led to the theft of nearly $7.5 million in digital assets across the Binance (BNB) and Ethereum (ETH) chains. This incident is not the company’s first brush with security violations. A similar attack in July 2023 resulted in a loss of a staggering $37.3 million.

Notorious Hackers Suspected

The recent theft is believed to be the handiwork of the Lazarus group, a notorious hacking entity with alleged ties to North Korea. The group has a reputation for orchestrating a series of cryptocurrency heists, employing sophisticated tactics to bypass security defenses. Deddy Lavid, CEO of Cyvers, a cybersecurity firm, suggests that the stolen funds comprised various cryptocurrencies that were swiftly transferred to multiple externally owned accounts. These funds were subsequently deposited into exchanges including WhiteBit, MEXC, and ChangeNow.

Inadequate Wallet Access Control

The breach has been attributed to insufficient wallet access control, a vulnerability that Cyvers had previously flagged. The absence of robust security measures allowed the hackers to infiltrate the system and make off with a substantial sum. This loophole, if not addressed, could potentially expose CoinsPaid to future attacks and losses.

Exploiting Employee Vulnerabilities

CoinsPaid also fell prey to social engineering attacks orchestrated by the Lazarus group. As part of their infiltration strategy, Lazarus offered high-paying jobs to CoinsPaid employees, a tactic that proved successful in gaining internal access to the company’s systems. The Lazarus group has a storied history with enormous thefts under their belt, with around $3 billion illicitly acquired over six years, including a notable $600 million haul in 2023.

In conclusion, the Lazarus group’s consistent targeting of CoinsPaid, evident from the similar attack patterns recognized in past incidents, underscores the urgency for companies to strengthen their security infrastructure. As digital assets become more prevalent, the stakes in the cybersecurity landscape continue to rise, demanding an increased focus on robust, future-proof strategies.