On January 5, CoinsPaid, an Estonian crypto-payments service provider, experienced a significant cyberattack. Hackers successfully stole approximately $7.5 million in cryptocurrency from the Binance (BNB) and Ethereum (ETH) chains. This event marked another security breach for CoinsPaid, following a previous incident in July 2023, where the company lost $37.3 million to hackers.
The recent breach was initially detected and reported by Cyvers, a real-time security alert system, through its social media channels. Despite the company’s efforts to compensate customers for past losses using its reserves, the repeated attacks raise concerns about its security measures.
The identity of the attackers remains uncertain, but the Cyvers team speculates that the Lazarus group, known for its links to North Korea, could be involved. This suspicion is grounded in the group’s history; they were implicated in a massive $100 million theft from CoinsPaid and Alphapo in July 2023.
Following the January 5 theft, the hackers reportedly converted the stolen assets into Ethereum and dispersed them across various externally owned accounts (EOAs) on both the ETH and BNB chains. Some of the stolen funds were also tracked to the WhiteBIT, MEXC, and ChangeNow exchanges.
One of the affected exchanges, WhiteBIT, released an official statement:
“We are aware of attempts to deposit funds stolen in the Coinspaid incident to WhiteBIT.
“Security and compliance with AML standards is one of WhiteBIT’s main priorities. Therefore, we have frozen the funds in question and are conducting the relevant procedures.”
A critical factor contributing to this incident was inadequate wallet access control within CoinsPaid. Notably, Cyvers had warned the company about potential vulnerabilities in its system back in July 2023, at the same time as the massive theft linked to the Lazarus group.