Crypto payments platform CoinsPaid loses $37M, points finger at Lazarus Group


European crypto payment platform CoinsPaid suffered a cyberattack that ended in $37.3 million going missing. While it suspects the North Korean Lazarus Group as the culprit, the Estonian firm boasts a “record low” reward for the cybercriminals.

Lazarus Group’s previous crypto heists resulted in tens or even hundreds of millions of dollars in losses. For example, they’ve managed to snatch $721 million worth of cryptocurrency assets from Japan since 2017, grabbed $625m worth of cryptocurrencies from the Ronin exchange, and more recently stole $64 million related to the Harmony blockchain hack.

To the Estonian crypto firm, 37.3 million dollars pales in comparison.

“In response to the attack, the company's dedicated team of experts has worked tirelessly to fortify our systems and minimize the impact, leaving Lazarus with a record-low reward,” CoinsPaid writes in its press release. “Indeed, our security measures and procedures allowed CoinsPaid to prevent a higher loss of funds.”

The firm states that client funds weren’t affected and are fully available, and processing activities have been restored. However, the attack reduced the platform’s availability and decreased the company’s revenue.

“We believe that Lazarus expected the attack on CoinsPaid to be much more successful,” the firm writes.

The cyberattack occurred on July 22nd. CoinsPaid initiated an investigation to track and mark stolen funds via various blockchain analytics tools and filed an official report with the Estonian law enforcement agency on July 25th.

"After the partial downtime, our services are getting up and running one by one in the new secured environment. We expect it to take a few more days to sort out minor details and ensure the system works smoothly," Max Krupyshev, CoinsPaid CEO, said.

He promised that CoinsPaid would recover and continue to deliver payment solutions, despite the incident. Within a few weeks, the company will organize a roundtable with all victims of the Lazarus attack aimed at minimizing and preventing such incidents in the future.

The CoinsPaid hack might be linked to two recent crypto provider exploits, according to the blockchain security firm MistTrack. Atomic Wallet and Alphapo lost $100 million and $60 million, respectively.

Having over 230 employees from 30 countries and operating in Europe and Latin America, CoinsPaid enables businesses to accept cryptocurrencies. According to the firm, by April 2023, it processed over €23 billion in crypto, over €1 billion monthly, and services more than 800 merchants.

Lazarus Group stands behind many cybercrimes worldwide and is one of the most notorious North Korean cybercriminals, significantly contributing to the country’s economy.