CoinsPaid, a Crypto Payment Gateway, Suffers Second Security Breach in 6 Months
Cryptocurrency markets have been rattled yet again with the news of CoinsPaid encountering its second security breach within a short span of six months. The breach, reported by Web3 security firm Cyvers, resulted in unauthorized transactions amounting to over $7.5 million.
Security Breach Details
The breach was initially identified by Cyvers' advanced artificial intelligence system, which flagged multiple irregular transactions on January 6th. The breach allowed the withdrawal of approximately $6.1 million in various digital assets, including Tether (USDT), Ether (ETH), USD Coin (USDC), and CoinsPaid's native token CPD.
Cyvers' team shared on X (formerly Twitter) that the attacker converted about 97 million CPD tokens into Ether, valued at around $368,000. These funds were subsequently transferred to externally owned accounts (EOAs) and the crypto exchanges MEXC, WhiteBit, and ChangeNOW. CoinGecko data showed CPD trading at $0.0006 during the incident, a 39.5% decrease in value within 24 hours.
Further investigation by Cyvers revealed additional unauthorized transactions involving Binance Coin (BNB) totaling more than $1 million, bringing the cumulative stolen amount to nearly $7.5 million.
CoinsPaid: An Overview
CoinsPaid is an Estonia-based payment processor for digital assets that has processed over 19 billion euros in crypto transactions. Despite its scale and prominence, the company has yet to release any official statement addressing the recent attack.
This incident isn't the first time CoinsPaid has fallen victim to such breaches. In July 2023, the platform experienced a breach resulting in the theft of over $37 million. CoinsPaid attributed this previous attack to the North Korean state-backed Lazarus Group, which employed highly sophisticated social engineering tactics targeting one of the platform's employees.
Post-Mortem and Attribution
In their post-mortem report of the hack, CoinsPaid pointed fingers at the Lazarus Group, highlighting the group's persistent attempts to infiltrate the platform. Initially unsuccessful in their efforts, the group shifted tactics to target employees directly. The Lazarus Group's involvement in various crypto hacks in 2023, as reported by blockchain intelligence firm TRM Labs, reinforces the severity of these cybersecurity threats.
Conclusion - Addressing Security Concerns in Crypto
Cybersecurity threats remain a significant challenge in the cryptocurrency landscape, impacting both established entities like CoinsPaid and emerging projects like MangoFarmSOL. As the industry navigates these challenges, it becomes increasingly vital for companies and users alike to prioritize robust security measures to safeguard against such breaches.
Q1: How did Cyvers initially detect the unauthorized transactions on CoinsPaid?
Cyvers detected irregular transactions through its advanced artificial intelligence system, flagging anomalies in the platform's transactional activity on January 6th.
Q2: What actions did the perpetrator take after the CoinsPaid breach?
The attacker converted CPD tokens to Ether, valued at approximately $368,000, and transferred these funds to external accounts and various crypto exchanges.
Q3: How did CoinsPaid attribute the previous breach to the Lazarus Group?
CoinsPaid's post-mortem report highlighted the Lazarus Group's persistent attempts to breach their system since March 2023. After multiple failed attempts, the group employed sophisticated social engineering tactics targeting CoinsPaid employees.