CoinsPaid Hit by Major $7.5M Crypto Theft Again

On January 5, CoinsPaid, an Estonian crypto-payments service provider, experienced a significant cyberattack. Hackers successfully stole approximately $7.5 million in cryptocurrency from the Binance (BNB) and Ethereum (ETH) chains. This event marked another security breach for CoinsPaid, following a previous incident in July 2023, where the company lost $37.3 million to hackers.

The recent breach was initially detected and reported by Cyvers, a real-time security alert system, through its social media channels. Despite the company’s efforts to compensate customers for past losses using its reserves, the repeated attacks raise concerns about its security measures.

The identity of the attackers remains uncertain, but the Cyvers team speculates that the Lazarus group, known for its links to North Korea, could be involved. This suspicion is grounded in the group’s history; they were implicated in a massive $100 million theft from CoinsPaid and Alphapo in July 2023.

Following the January 5 theft, the hackers reportedly converted the stolen assets into Ethereum and dispersed them across various externally owned accounts (EOAs) on both the ETH and BNB chains. Some of the stolen funds were also tracked to WhiteBit, MEXC, and ChangeNow exchanges.

A critical factor contributing to this incident was inadequate wallet access control within CoinsPaid. Notably, the company had been warned by Cyvers about potential vulnerabilities in their system back in July 2023, the same time when the massive theft linked to the Lazarus group occurred.