News

CoinsPaid Revealed The Recent Hack Was Caused By A Malicious File

Key Points:

  • CoinsPaid lost $37 million in the swift cyberattack.
  • Suspected Lazarus Group behind the elaborate 6-month operation.
  • The incident underscores rising cybersecurity challenges for crypto businesses.
In a recent cybersecurity incident that unfolded in late July, Estonia’s leading crypto payment provider, CoinsPaid, fell victim to a meticulously planned attack, resulting in a staggering loss of $37 million.
CoinsPaid Revealed The Recent Hack Was Caused By A Malicious File 2

The attack was executed with remarkable speed and precision, indicating the possible involvement of Lazarus Group, a hacking group linked to the North Korean government, as suggested by CoinsPaid and Match Systems investigators, Bloomberg reported.

The ordeal began when a programmer engaged in a video interview with a recruiter who had extended a promising job offer via LinkedIn. During the virtual meeting, the programmer was instructed to download a file for a technical assessment, a seemingly innocuous task that masked the hackers’ true intentions.

Just a few days later, on July 22, the CoinsPaid security team detected a series of unauthorized withdrawals, rapidly depleting company funds. The hackers remained covert, obscuring both the origin of the pilfered cryptocurrency and the recipient’s digital wallet addresses.

CoinsPaid’s Chief Financial Officer, Pavel Kashuba, revealed that the attack’s swiftness and sophistication were indicative of seasoned professionals at work.

This incident culminated in an intricate six-month operation characterized by numerous denial-of-service and brute-force attacks. Hackers systematically probed the network for exploitable technical vulnerabilities, ultimately zeroing in on the breach.

The hackers diligently studied CoinsPaid over time, launching phishing attacks and ingeniously contacting multiple staff members with faux inquiries and enticing job offers. This calculated approach granted them access to internal systems, laying the groundwork for the devastating breach.

As the investigation unfolds, the possibility of Lazarus’ involvement underscores the growing sophistication and global reach of cyber threats facing the cryptocurrency industry.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

NYC Taxi Driver Struck Gold with Ethereum—What’s His Next Target? BlockDAG, the Presale Giant!

Explore how John, a NYC taxi driver, struck gold with ETH. See how BlockDAG’s BULLRUN100…

3 hours ago

USDT Daily Net Inflow Surges Past $1.3 Billion

According to Amr Taha, the USDT daily net inflow into cryptocurrency exchanges has jumped above…

4 hours ago

BNBChain Google Cloud Investment Backs MVB Projects With $10M

BNBChain Google Cloud Investment provides $10M in cloud credits to support MVB program projects, enabling…

4 hours ago

Lost Dogs: The Way Review – Card Bet Game On TON

Lost Dogs: The Way is an attractive game on Telegram developed by Notcoin combined with…

4 hours ago

Google Cloud ZetaChain Collaboration Secures Web3 Universal Apps

Google Cloud ZetaChain collaboration brings enhanced security to ZetaChain as Google Cloud joins as a…

4 hours ago

Selling Bitcoin Early Make U.S. & German Missed $18B Profits

From June to August, selling Bitcoin by U.S. and German authorities caused a "nightmare" for…

4 hours ago

This website uses cookies.