Cryptocurrency processing platform, CoinsPaid, recently faced a major setback when it fell victim to a significant hack on July 22. The security breach led to a temporary halt in operations for four days, raising concerns within the crypto industry. Now, as the platform resumes its services, all eyes are on the identity of the hackers responsible for the attack.

In an official press release issued on July 26, CoinsPaid confirmed the breach in their security systems, resulting in a loss of $37.5 million. The company identified the Lazarus Group, a North Korean state-backed hacker organization known for its notorious cyber activities, as the perpetrator.

Despite the successful theft of funds, CoinsPaid managed to minimize the damage caused by the attack. Working tirelessly, the platform has fortressed its security architecture to mitigate future risks and prevent similar incidents from occurring again. Importantly, no client funds were compromised during the attack.

CoinsPaid promptly contacted the Estonian law enforcement agency to initiate a thorough investigation into the attack. Additionally, well-established blockchain security platforms such as Crystal, Chainalysis, and Match Systems joined forces with CoinsPaid in the initial stages of the investigation.

Looking towards the future, CoinsPaid plans to host a roundtable discussion to address the Lazarus Group attacks, inviting all affected parties. The aim is to explore innovative initiatives that can curb and prevent such attacks in the future. Industry leaders such as Binance, Bitfinex, Kraken, OKX, and Coinbase have been specifically encouraged to participate, underscoring the importance of collective action in safeguarding the crypto industry.

The term “Lazarus Group” broadly refers to a cyber collective originating from North Korea, infamous for launching targeted attacks on high-profile organizations across 30 countries. Over the years, the group has successfully targeted entities like Sony, Alphapo, Atomic Wallet, Axie Infinity, and Horizon Bridge, resulting in significant financial losses for the victims.

To execute its nefarious activities, the Lazarus Group employs a social engineering approach specifically targeting cybersecurity and cryptocurrency ecosystem operators. Through the deceptive use of malware-infected NPM packages, the group aims to compromise their computers and extract valuable information.

Online coding platform GitHub has been a common entry point for the Lazarus Group to communicate with potential victims, typically initiating relationships via platforms like WhatsApp. By cloning GitHub repositories, the group gains unauthorized access to sensitive data, exploiting their victims.

Amidst these evolving cyber threats, software developers are recommended to exercise caution by meticulously evaluating repository invitations received on social media platforms. It is crucial to identify and avoid installing harmful npm packages through thorough scrutiny and adherence to secure installation practices.

CoinsPaid’s swift response to the recent attack demonstrates its commitment to fortifying its security measures and providing its clients with first-class payment solutions. By mobilizing industry leaders and fostering collective efforts, the crypto community can enhance its resilience against hacking attempts, ensuring the safety and stability of the digital ecosystem.

Disclaimer: The information provided in this research report is for informational purposes only and should not be interpreted as financial or investment advice. The NFT and cryptocurrency market is highly volatile, and readers should conduct thorough research before making any investment decisions.