CoinsPaid, a crypto payment gateway that serves over 600 businesses worldwide, has been hacked for the second time in six months, losing $7.5M worth of cryptocurrency.
The breach was detected and reported by Cyvers AI web3 security firm, on January 7, 2024.
According to Cyvers, the hackers exploited a vulnerability in CoinsPaid’s hot wallet system, which stores funds for immediate transactions.
The hackers managed to transfer over $7.5 million of crypto to their own wallets, before CoinsPaid noticed the anomaly and stopped the outflow.
CoinsPaid hasn’t yet said anything about the incident but Cyvers states that it is working with law enforcement and blockchain security firms to investigate the attack and recover the funds
The company also assured its customers that their funds are safe and that the hack only affected CoinsPaid’s own balance.
There are suspecions that the hack may be linked to the notorious Lazarus Group, a cybercrime organization backed by North Korea, which has been targeting crypto platforms for years.
It has been noted that the hackers used similar tactics and money laundering schemes as Lazarus did in previous attacks, such as the Atomic Wallet hack in July 2023, which resulted in the theft of $100M in crypto.
Lazarus is one of the most sophisticated and dangerous hacker groups in the world, and they have been ramping up their activities in the web3 sector.
This is not the first time that CoinsPaid has been hacked.
In July 2023, the company suffered a massive breach that led to the loss of $37.3M in crypto due to a security breach suffered through a fake job interview application.
CoinsPaid blamed the Lazarus Group for that attack as well, and claimed to have improved its security measures since then.