CoinsPaid, a cryptocurrency payments platform, reported a hacking incident on July 22, during which $37.3 million was stolen. The company believes the North Korean state-backed Lazarus Group, a powerful hacking organization, is responsible for the attack. Although the hack forced CoinsPaid to suspend operations for four days, customer funds remain intact. However, the platform and the company's balance sheet suffered significant damage.
CoinsPaid suspects that Lazarus Group had anticipated a much larger haul from the attack. Despite the incident, CoinsPaid's team worked tirelessly to fortify their systems and minimize the impact, leaving the hackers with a relatively small reward.
Following the hack, CoinsPaid collaborated with Estonian law enforcement and engaged several blockchain security firms, including Chainalysis, Match Systems, and Crystal, to investigate the exploit. The CEO of CoinsPaid, Max Krupyshev, expressed confidence that the hackers would be held accountable for their actions.
Additionally, there are indications that Lazarus Group has been conducting a social engineering scheme aimed at workers in the cryptocurrency and cybersecurity sectors. Online coding platform GitHub reported that Lazarus Group has been attempting to compromise GitHub accounts with malware-infected NPM packages to gain access to computers.
Moreover, another blockchain security firm, SlowMist, believes that the CoinsPaid hack may be connected to two recent hacks in Atomic Wallet and Alphapo, resulting in losses of $100 million and $60 million, respectively.
To protect themselves, software developers are advised to review repository invitations carefully before collaborating and to be cautious when unexpectedly approached on social media to install npm packages.