• Crypto payment gateway CoinsPaid has been hacked.

  • The payment gateway is experiencing its second security breach in the past six months.

Crypto payment gateway CoinsPaid has experienced its second security breach in the past six months, with Web3 security firm Cyvers reporting unauthorized transactions totaling nearly $7.5 million. 

UPDATEAfter more investigation, our system has detected more unauthorized transactions on #BNB too involving @coinspaid

Hacker has got another $1M worth of digital assets 924K BSC-USD and 268.5 $BNB.All together total loss is $7.5M

Hacker's address:… https://t.co/877vBm0Uah pic.twitter.com/xD6tg9QznK

— Cyvers Alerts (@CyversAlerts) January 6, 2024

Cyvers detected multiple irregular transactions on January 6, leading to the withdrawal of $6.1 million worth of digital assets in Tether (USDT), Ether (ETH), USD Coin (USDC), and CoinsPaid’s native token CPD.

See Also: North Korean Hacking Group Lazarus Withdraws $1.2M of Bitcoin From Coin Mixer

The attacker swapped around 97 million CPD tokens worth approximately $368,000 for ETH and moved the funds to externally owned accounts (EOAs) and crypto exchanges MEXC, WhiteBit, and ChangeNOW. 

Further analysis by Cyvers identified unauthorized transactions involving BNB worth more than $1 million, bringing the total amount stolen close to $7.5 million.

CoinsPaid, an Estonian payment processor for digital assets, has yet to publicly comment on the attack.

The company claims to have processed over 19 billion euros in crypto transactions. In July 2023, CoinsPaid suffered another security breach resulting in the theft of more than $37 billion. 

The company blamed the North Korean state-backed Lazarus Group for the incident, alleging that the group used a fake job interview to trick an employee into downloading a malicious code, providing the attackers with access to CoinsPaid’s infrastructure.

See Also: Bit24.cash Crypto Exchange Exposed KYC Data Of 230,000 Users

The Lazarus Group is believed to be behind several crypto hacks in 2023. Blockchain intelligence firm TRM Labs reported that the group stole at least $600 million in crypto last year.

The post Crypto Payments Platform CoinsPaid Hacked For $7.5M, Second Exploit In Six Months appeared first on BitcoinWorld.