Overview of the Cyber Heist
On August 3, 2023, the crypto payment processor CoinsPaid announced its recovery following a significant hack by the North Korean cybercrime group Lazarus. As reported by Scam-Or Project, the cyberattack resulted in the theft of approximately $37 million in cryptocurrency. Despite this, CoinsPaid has demonstrated resilience by restoring its operations and regaining customer trust.
Key Recovery Milestones
CoinsPaid’s response to the hack highlights its commitment to operational stability and security:
- Rapid Platform Restoration:
- The platform was back online within two days of the attack.
- Within a week, CoinsPaid was processing 80% of its pre-incident transaction volume.
- Manual Processing During Migration:
- All payment requests were manually processed during the transition to a more secure infrastructure.
- Ensured accuracy and minimized the risk of errors.
- Customer Assurance:
- CoinsPaid guarantees that all customer funds are safe and have been fully paid out.
Enhanced Security Measures
In response to the attack, CoinsPaid implemented robust security protocols to safeguard its platform:
- Complete Isolation:
- Isolation from external access to critical systems.
- Network Traffic Restriction:
- Maximum limitation of outgoing network traffic.
- Employee Access Control:
- Restricted employee access to interconnections.
- Internal Audits:
- Regular audits conducted at all operational levels.
CEO Commentary
Max Krupyshev, CEO of CoinsPaid, remarked:
“This was a valuable stress test, but now we are moving forward. Security remains our utmost priority, and we have already initiated negotiations with the world’s leading cybersecurity audit providers.”
Investigation and Future Plans
CoinsPaid is collaborating with law enforcement agencies and Match Systems to investigate the incident. Key aspects include:
- Ongoing Investigations:
- Law enforcement agencies are actively involved.
- Internal investigations may lead to a public report in the coming days.
- Industry Collaboration:
- A planned conference and panel discussion with other victims of the Lazarus Group.
- Introduction of a new initiative to mitigate and prevent future attacks.
- Commitment to Security:
- Leveraging the experience to create a safer cryptocurrency market.
CoinsPaid Recovery Highlights
| Aspect | Details |
| Hack Details | $37 million stolen by Lazarus Group |
| Recovery Time | 2 days to restore platform operations |
| Transaction Volume Restored | 80% within one week |
| New Security Measures | Isolation, restricted access, and internal audits |
Share Information
If you have any information about CoinsPaid, the Lazarus Group, or related activities, please report it via our whistleblower platform, Whistle42. Your insights are crucial in strengthening the cryptocurrency market against cyber threats.