In a new report, Estonia’s preeminent crypto payment and personal wallet provider, CoinsPaid, has revealed the intricate workings of a hacking incident that led to a colossal loss of $37 million.
This audacious breach was reportedly the culmination of a six-month saga marked by calculated maneuvers and sophisticated tactics, orchestrated by none other than the notorious Lazarus Group.
Collaborating with Match Systems, CoinsPaid embarked on a comprehensive inquiry, unearthing the modus operandi of the hacking group and exposing the subsequent laundering of pilfered assets in a post.
Elaborate 6-Month Operation By Lazarus Group
The ploy, characterized by an extraordinary level of meticulousness, spanned half a year, revealing the calculated and relentless nature of the hack. Employing a blend of social engineering and technical strategies, the hackers engaged in a series of Distributed Denial-of-Service and brute-force attacks.
Their calculated approach culminated in a July 22 breach with the manipulation of a CoinsPaid employee, ensnaring them through a falsified job proposition. The ordeal began innocently enough, as a CoinsPaid employee embarked on a video interview for what appeared to be an enticing career prospect, facilitated via LinkedIn.
Little did they know that the seemingly innocuous task of downloading a technical assessment was part of an elaborate ruse orchestrated by the hackers. This single act granted the hackers access to CoinsPaid’s systems, allowing them to exploit software vulnerabilities and authorize unauthorized withdrawals from the company’s hot wallets.
The hacker executed a swift sequence of unauthorized withdrawals, swiftly depleting the company’s coffers in less than an hour of operation. In total, CoinsPaid lost $37.3 million in the attack.
CoinsPaid Moving Forward From The Incident
CoinsPaid’s exhaustive post-mortem report reveals invaluable lessons extracted from the breach. The report highlights the importance of training employees to identify social engineering tactics, including job offers that might be a ploy to gain access to internal systems.
The report also explains the adoption of principles like the Separation of Duties and Least Privilege, advocating for the implementation of robust monitoring and alert systems to detect suspicious activities.
Following the report, CoinsPaid will be hosting a roundtable discussion involving blockchain-based entities, aiming to collectively address the escalating threat posed by hacking incidents.
In the wake of the exploit, the payments platform assured customers that none of their funds were affected. The company also resumed all activities less than a week after the hack took place.
The Lazarus Group is believed to have stolen over $3.8 billion in digital assets from crypto exchanges and decentralized finance (DeFi) services since it became active.