CoinsPaid, a payment processor offering solutions to bridge the gap between companies that generally operate within the traditional finance system and customers who wish to pay in crypto, has suffered its second major security breach within the past half year.
According to its website, over a million transactions with a total value of approximately 7 million EUR are carried out with their help every month. To date, CoinsPaid claims to have processed more than 19 billion euros worth of crypto transactions.
Lazarus Group Responsible for First Hack
On the 22nd of July, CoinsPaid suffered an attack that resulted in a loss of $37.3 million. At the time, the firm ceased operations for four days while preiskuje the breach with the help of Binance, Chainalysis, and others.
Following a post-mortem, the investigators concluded that the infamous North Korean Lazarus Group was responsible for the attack. By staging a job interview with one of CoinsPaid’s employees, Lazarus was able to trick the employee into downloading some malicious code that eventually allowed them to send authorized withdrawal requests to the firm’s hot wallets, although the wallets themselves were never prekršil.
Allegedly, this convoluted breach happened only after several months of attempts to bypass the platform’s security measures in a more traditional manner.
"Notranji varnostni ukrepi so sprožili alarmni sistem in nam omogočili, da smo hitro zaustavili zlonamerno dejavnost in hekerje vrgli izven območja podjetja."
Unfortunately, the platform has found itself under attack yet again, although it is unclear whether Lazarus is behind this one as well.
Cyvers Detects Unauthorized Access
Late last week, blockchain cybersecurity firm Cyvers sounded the alarm on a series of unauthorized transactions involving USDT, USDC, ETH, BNB, and the platform’s own token, CPD.
Altogether, $7.5 million was stolen from CoinsPaid and moved to an external denarnica. The funds were then rerouted to crypto exchanges such as ChangeNOW, WhiteBit, MEXC, and others.
🚨POSODOBITEV🚨Po dodatni preiskavi je naš sistem zaznal več nepooblaščenih transakcij na #BNB preveč vpleteno @coinspaid
Heker ima še 1 milijon dolarjev vredna digitalna sredstva 924K BSC-USD in 268.5 $ BNB.
Skupna izguba znaša 7.5 milijona dolarjevHacker’s address:… https://t.co/877vBm0Uah pic.twitter.com/xD6tg9QznK
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) Januar 6, 2024
The attack pattern seems similar to the one used in July, raising the possibility that perhaps the bad actor’s access to the platform was not completely purged by the CoinsPaid team due to human oversight.
Although the scope of the attack is not nearly as large as the previous one, the amount stolen is nevertheless roughly equal to the numbers CoinsPaid claims to process monthly.
Until now, the platform has not released any official statement on the matter.
Binance brezplačno 100 $ (ekskluzivno): Uporabite to povezavo da se registrirate in prejmete 100 $ brezplačno in 10 % popusta na Binance Futures prvi mesec (Pogoji).
- Distribucija vsebine in PR s pomočjo SEO. Okrepite se še danes.
- PlatoData.Network Vertical Generative Ai. Opolnomočite se. Dostopite tukaj.
- PlatoAiStream. Web3 Intelligence. Razširjeno znanje. Dostopite tukaj.
- PlatoESG. Ogljik, CleanTech, Energija, Okolje, sončna energija, Ravnanje z odpadki. Dostopite tukaj.
- PlatoHealth. Obveščanje o biotehnologiji in kliničnih preskušanjih. Dostopite tukaj.
- vir: https://cryptopotato.com/crypto-payment-gateway-coinspaid-hacked-yet-again/
- :ima
- : je
- :ne
- 1
- 19
- 7
- a
- Sposobna
- dostop
- dejavnost
- Naslov
- po
- spet
- AI
- Alarm
- Opozorila
- dovoljene
- Prav tako
- Čeprav
- znesek
- an
- in
- Še ena
- kaj
- približno
- SE
- AS
- Sredstva
- At
- napad
- Poskusi
- pooblaščeni
- ozadje
- Slab
- banner
- zadaj
- med
- Billion
- binance
- Terminske pogodbe Binance
- blockchain
- bnb
- meja
- kršitev
- MOST
- by
- bypass
- prenašal
- verigo
- Changenow
- terjatve
- Koda
- barva
- Podjetja
- Podjetja
- popolnoma
- sklenjene
- vsebina
- kripto
- Kriptovalute
- kripto plačilo
- kripto transakcije
- Stranke, ki so
- Cybersecurity
- Datum
- Dnevi
- Zaznali
- digitalni
- Digitalna sredstva
- nalaganje
- 2
- Zaposlen
- Zaposleni
- konec
- uživajte
- enako
- ETH
- EUR
- evrov
- sčasoma
- Tudi vsak
- Izmenjave
- Ekskluzivno
- zunanja
- pristojbine
- financiranje
- Firm
- prva
- za
- je pokazala,
- štiri
- brezplačno
- iz
- Skladi
- Terminske pogodbe
- vrzel
- Prehod
- splošno
- prisodil
- skupina
- kramp
- hekerji
- Pol
- se je zgodilo
- Imajo
- pomoč
- HOT
- HTTPS
- človeškega
- in
- zloglasni
- notranji
- Intervju
- v
- preiskava
- Preiskovalci
- vključujejo
- IT
- ITS
- sam
- Job
- jpg
- julij
- Korejski
- velika
- Zadnja
- Lazarus
- Skupina Lazarus
- kot
- off
- velika
- zlonamerno
- Način
- Marža
- Matter
- ukrepe
- MEX
- morda
- milijonov
- mesec
- mesečno
- mesecev
- več
- premaknjeno
- skoraj
- Kljub temu
- Noben
- sever
- zdaj
- številke
- of
- off
- ponudba
- ponujanje
- Uradni
- on
- ONE
- samo
- deluje
- operacije
- drugi
- naši
- ven
- več
- Nadzor
- lastne
- preteklosti
- Vzorec
- Plačajte
- Plačilo
- plačilni procesor
- mogoče
- platforma
- Platforme
- platon
- Platonova podatkovna inteligenca
- PlatoData
- možnost
- prejšnja
- Postopek
- Predelano
- Procesor
- dvig
- reading
- prejeti
- Registracija
- sprosti
- zahteva
- odgovorna
- grobo
- Obseg
- drugi
- varnost
- Varnostni ukrepi
- Zdi se,
- pošljite
- Serija
- več
- Delite s prijatelji, znanci, družino in partnerji :-)
- Podoben
- trdna
- rešitve
- nekaj
- Zvok
- Sponzorirane
- uprizoritev
- Izjava
- ukradeno
- stop
- taka
- trpel
- hitro
- sistem
- skupina
- kot
- da
- O
- njihove
- Njih
- sami
- POTEM
- ta
- čas
- do
- skupaj
- žeton
- tudi
- Skupaj za plačilo
- tradicionalna
- tradicionalne finance
- Transakcije
- sprožilo
- nepooblaščeno
- pod
- us
- USDC
- USDT
- Rabljeni
- vrednost
- Denarnice
- je
- Spletna stran
- teden
- Dobro
- so bili
- ali
- WHO
- želijo
- z
- umik
- v
- vredno
- leto
- še
- Vaša rutina za
- zefirnet