CoinsPaid suffered a second hack in six months. Indeed, the digital assets payment company was exploited for around $7.5 million worth of cryptocurrencies on January 5.
Blockchain security firm Cyvers attributed the security breach to the platform’s inadequate wallet access control measures.
CoinsPaid Hacked Again
Hackers managed to part way with various cryptocurrencies, comprising 4.5 million USDT, 500 ETH, 106,000 USDC, 924,000 BSC-USD, 268.5 BNB, and 97 million CPD.
The perpetrators converted the stolen assets into ETH and transferred them to externally owned accounts on both the Ethereum and BNB chains. They also funneled the funds into several centralized exchanges, such as MEXC, ChangeNow, and WhiteBit.
The identity of the attackers remains unknown. However, Cyvers suspects it might still be the notorious Lazarus Group.
“The root cause of the incident is inadequate wallet access control. Notably, the exchange had previously been alerted to potential vulnerabilities in July 2023 by Cyvers, when the Coinspaid system and Alphapo suffered a $100 million theft linked to the North Korean Lazarus group,” analysts at Cyvers told BeInCrypto.
Read more: Crypto Project Security: A Guide to Early Threat Detection
Regrettably, this is not CoinsPaid’s first encounter with security breaches. The North Korea-backed hackers Lazarus Group previously targeted CoinsPaid in July 2023. At the time, the platform lost about $37.3 million and reported the incident to law enforcement agencies.
Lazarus Group is a well-known entity responsible for the hacks of multiple crypto platforms like Ronin Bridge, Harmony Bridge, and Atomic Wallet. These attacks resulted in the cumulative losses of hundreds of millions in cryptocurrencies.
Crypto Exploits On the Rise
In the early days of the new year, the cryptocurrency industry faced several security challenges, witnessing prominent projects falling victim to hacks and exploits.
Beginning the year with adversity, Orbit Chain, a decentralized cross-chain protocol, suffered a staggering loss of over $81 million. This breach resulted from hackers accessing seven of its ten multisig signers. Following closely, Radiant Capital lost $4.5 million due to a smart contract breach on January 3.
Read more: Top 5 Flaws in Crypto Security and How To Avoid Them
The situation persisted as Gamma fell prey to exploiters who conducted a price manipulation attack, resulting in a $4 million loss. These incidents collectively accounted for nearly $100 million in losses for crypto projects within the inaugural week of 2024.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Credit: Source link