Crypto payment gateway CoinsPaid has experienced its second security breach in the past six months.
Crypto payment gateway CoinsPaid has experienced its second security breach in the past six months, with Web3 security firm Cyvers reporting unauthorized transactions totaling nearly $7.5 million. Cyvers detected multiple irregular transactions on January 6, leading to the withdrawal of $6.1 million worth of digital assets in Tether (USDT), Ether (ETH), USD Coin (USDC), and CoinsPaid's native token CPD.
The attacker swapped around 97 million CPD tokens worth approximately $368,000 for ETH and moved the funds to externally owned accounts (EOAs) and crypto exchanges MEXC, WhiteBit, and ChangeNOW. Further analysis by Cyvers identified unauthorized transactions involving BNB worth more than $1 million, bringing the total amount stolen close to $7.5 million.
CoinsPaid, an Estonian payment processor for digital assets, has yet to publicly comment on the attack.
The company claims to have processed over 19 billion euros in crypto transactions. In July 2023, CoinsPaid suffered another security breach resulting in the theft of more than $37 billion. The company blamed the North Korean state-backed Lazarus Group for the incident, alleging that the group used a fake job interview to trick an employee into downloading a malicious code, providing the attackers with access to CoinsPaid's infrastructure.
The Lazarus Group is believed to be behind several crypto hacks in 2023. Blockchain intelligence firm TRM Labs reported that the group stole at least $600 million in crypto last year.
Let us know what you loved about this article, what could be improved, or share any other feedback by filling out this short form.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
