This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties.  Members and Law enforcement use only. Contact us for any permissions.  To do otherwise will result in the loss of membership.

Complete Story
 

01/07/2024

CoinsPaid Suffers $7.5M Crypto Theft in Second Cyber Attack

The Crypto Times

The crypto-payment provider, CoinsPaid, fell victim to a cyberattack, resulting in a $7.5 million cryptocurrency theft from Binance and Ethereum chains, according to Cyvers.

This marks the second breach for CoinsPaid, following a $37.3 million hack in July 2023. The perpetrator remains unknown, but suspicions point to the Lazarus group, previously linked to the company’s security woes. 

CyVers CEO, Deddy Lavid, highlighted inadequate wallet access control as the root cause. The hacker converted stolen assets to ETH and spread them across various accounts on ETH and BNB chains. 

Some funds were deposited into exchanges like WhiteBit and MEXC. CoinsPaid had previously been alerted to vulnerabilities by Cyvers in July 2023. Investigations revealed the Lazarus group’s involvement, employing social engineering tactics. 

The group, notorious for stealing $3 billion in crypto over six years, targeted CoinsPaid employees with fake job offers, compromising internal systems.

Read more...

Printer-Friendly Version


Resources

Alerts

The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information
Resources

Resources

Your electronic library to help in fighting financial fraud for all of our partners.

more information