
CoinsPaid platform suffered a $37.3 million attack, with the team suspecting Lazarus Group

  • On July 22, 2023, the CoinsPaid platform suffered a hacker attack. It suspended operations for a few days; at the time of writing, the site is operating normally.
  • The project administration has published an official report. It states that Lazarus Group, a DPRK-based hacker group, is suspected in the attack. 
  • In the interest of the investigation, CoinsPaid is not releasing any details. But a spokesperson for the platform provided some details of what happened in a comment to Incrypted. 

Payment platform CoinsPaid is back up and running after being hacked on July 22, 2023. The project's administration has published an official statement in which it blamed the North Korean group Lazarus Group for the incident. The site suspended operations for several days due to the attack. The project team has been working to minimize losses all along, the organization said.

This is how CoinsPaid explained it in an exclusive comment to Incrypted:

“Although the vulnerabilities have been identified and fixed, the company will not publicly disclose the technical details of the incident for security reasons.”

The project’s administration also promised to pass the information on to other cryptocurrency companies to avoid a repeat of similar incidents. 

Why is the platform blaming Lazarus Group?

CoinsPaid claims that the group is behind the attack. In a conversation with Incrypted, Evgeny Kuzin, head of the company’s press service, commented on this position:

“Judging by the onchain analytics, there are overlaps in the withdrawal and distribution of funds with the attacks on Atomic Wallet and Alphapo, in which Lazarus Group is suspected.” 

As a reminder, the non-custodial cryptocurrency wallet Atomic Wallet was hacked in early June. Analysts say Lazarus Group is behind that attack.

The damage from the CoinsPaid hack totaled $37.3 million. According to the platform's representatives, these were solely the operating funds and profits of the organization itself; client capital is not affected in any way. The team can be contacted for any clarifications by emailing [email protected].

The loss could have been much higher if not for the actions of the company’s employees, the platform said. CoinsPaid says this is a record-low “haul” for Lazarus Group.

Investigation progress and next steps

On July 25, 2023, CoinsPaid contacted Estonian law enforcement authorities. In a comment to Incrypted, Kuzin added that experts from cybersecurity companies such as Crystal, Chainalysis and Match Systems are working with the company.

“They are helping us trace the path of the stolen funds, thanks to which, among other things, we hope to identify those responsible and recover some of the funds,” CoinsPaid said. 

The platform continues to operate normally. The organization promised to release new details at a later date.
