CoinsPaid Faces Second Major Breach: Cypto Payment Gateway Hacked Again

Twitter icon  •  Published 11 months ago on January 9, 2024  •  Nikolas Sargeant

CoinsPaid, an Estonian payment processor, experiences its second multimillion-dollar breach within six months, raising concerns about the platform's security.

CoinsPaid Faces Second Major Breach: Cypto Payment Gateway Hacked Again

CoinsPaid, a payment processing solution facilitating transactions between traditional finance companies and crypto-paying customers, faces its second significant security breach in six months.

Having processed over 19 billion euros in crypto transactions and facilitating a million transactions monthly worth around 7 million EUR, CoinsPaid encountered its initial setback on July 22. The first breach, resulting in a $37.3 million loss, prompted a four-day operational halt for investigation, with support from Binance, Chainalysis, and others.

Initial Breach Attributed to Lazarus Group

Post-investigation, the notorious Lazarus Group from North Korea emerged as the culprit. Through a deceptive job interview, an employee unwittingly downloaded malicious code, enabling authorized withdrawal requests to hot wallets without breaching them. 

The convoluted breach followed months of attempts to bypass traditional security measures.

"Internal security measures triggered the alarm system, allowing us to swiftly halt malicious activity and expel hackers from the company’s perimeter."

Despite these measures, the platform faces a renewed threat, and it remains uncertain if Lazarus is responsible.

Cyvers Alerts on Unauthorized Access

Blockchain cybersecurity firm Cyvers recently flagged unauthorized transactions involving USDT, USDC, ETH, BNB, and CPD, CoinsPaid's token. Approximately $7.5 million was siphoned to an external wallet, redirecting funds to exchanges like ChangeNOW and WhiteBit.

While the attack echoes July's pattern, questions arise about the adequacy of CoinsPaid's purging efforts, possibly due to human oversight. Though the recent attack is less extensive than the previous one, the stolen amount aligns with CoinsPaid's monthly processing claims. As of now, the platform has not issued an official statement on the matter.

SEC Approves Franklin Templeton and Hashdex Dual Bitcoin-Ethereum Index ETFs
Next article SEC Approves Franklin Templeton and Hashdex Dual Bitcoin-Ethereum Index ETFs

Author

Nikolas Sargeant

Nik is a content and public relations specialist with an ever-growing interest in Crypto. He has been published on several leading Crypto and blockchain based news sites. He is currently based in Spain, but hails from the Pacific Northwest in the US.