CoinsPaid Accuses North Korean Hackers Of Phony Job Interview To Steal $37 Million

2023-8-8 18:05

CoinsPaid, a cryptocurrency payments company headquartered in Estonia, has raised suspicions that the Lazarus Group, a group of hackers from North Korea, managed to breach its systems by utilizing deceptive recruiters who targeted company employees. 

According to an official blog post, CoinsPaid disclosed that the breach, which resulted in the theft of over $37 million on July 22, was orchestrated through a ruse wherein an employee was lured into downloading software under the pretense of a mock job interview, under the false guise of a technical assignment. 

The company revealed that this employee fell victim to a job offer propagated by the hackers, subsequently downloading the malicious code that ultimately facilitated the malevolent actors in pilfering sensitive data and acquiring unauthorized entry into the infrastructure of the crypto company.

Funding North Korea’s Illicit Nuclear Program

Cryptocurrency thefts are suspected to provide financial backing for North Korea’s unorthodox nuclear weapons initiative, based on the analysis of specialists in the field. The Lazarus Group, recognized for its involvement in cyberattacks, frequently employs analogous hacking methodologies to target exchanges, blockchains, and mixers, even utilizing identical crypto wallet addresses. 

We Know Exactly How Attackers Stole and Laundered $37M USD

CoinsPaid invited a partnership with @MatchSystems, in cooperation with law enforcement agencies and regulators, accompanies the process of returning stolen #crypto assets.

Read more: https://t.co/jLF3ICo603 pic.twitter.com/0gDy9CJcS7

— CoinsPaid (@coinspaid) August 7, 2023

This pattern of operation has led CoinsPaid to draw the inference that the infamous hacking collective, affiliated with the North Korean government, can be held accountable for the aforementioned hack.

CoinsPaid said:

“Having gained access to the CoinsPaid infrastructure, the attackers took advantage of a vulnerability in the cluster and opened a backdoor.”

The knowledge perpetrators obtained at the exploration stage enabled them to “reproduce legitimate requests for interaction interfaces” with the blockchain and “withdraw the company’s funds from our operational storage vault,” CoinsPaid added.

Lazarus Group’s Six-Month Pursuit Of CoinsPaid

Over a span of six months, the Lazarus Group engaged in an intricate process of meticulously observing and researching CoinsPaid’s intricate systems.

Their efforts encompassed a spectrum of attack methodologies, ranging from manipulative social engineering tactics to technically driven approaches such as Distributed Denial-of-Service assaults and relentless brute-force attempts — repeatedly submitting numerous passwords in the hopes of eventually stumbling upon the correct one.

The saga began in March, as the hackers initiated their assault on the firm. The company recounted the unceasing and remarkably aggressive barrage of spam and phishing campaigns directed at its team members during this period.

In response, CoinsPaid took the step of collaborating with Match Systems, a blockchain security firm, to trace the route of the stolen funds. The majority of these ill-gotten gains found their way to SwftSwap. 

According to CoinsPaid, a multitude of facets within the hackers’ transactions bore striking resemblances to the modus operandi of Lazarus, akin to the $35 million breach of Atomic Wallet in the preceding month of June. The company affirmed its commitment to vigilantly monitor any movement associated with these pilfered funds.

Featured image from Kyodo/AP Photo

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Bitcoin & Company Network (BITN) на Currencies.ru

$ 3.4E-5 (-0.68%)
Объем 24H $0
Изменеия 24h: 7.68 %, 7d: 5.02 %
Cегодня L: $3.4E-5 - H: $3.4E-5
Капитализация $0 Rank 3624
Доступно / Всего 0 BITN

company hackers coinspaid north group lazarus breach

company hackers → Результатов: 126


OpenSea Discord Server just got hacked

OpenSea is currently the largest and most extensive NFT marketplace, and unfortunately, the company’s Discord server was a victim of hackers, here’s more on this shocking development OpenSea: The Gold standard In more ways than one, OpenSea is the gold standard and poster child of the NFT space; the company has one of the most […] The post OpenSea Discord Server just got hacked appeared first on NFT News Today.

2022-5-7 14:16


Hackers Have Received Over $81M in Crypto since January Due to Ransomware: Chainalysis Report

Blockchain and crypto analytic firm Chainalysis has released its mid-year findings, which show that ransomware victims have paid approximately $81 million worth of crypto this year. The company noted that the $81 million figure is likely to rise in the coming days as more ransomware addresses are identified and, as such, the figure should be […] The post Hackers Have Received Over M in Crypto since January Due to Ransomware: Chainalysis Report first appeared on BitcoinExchangeGuide.

2021-5-17 18:59


Фото:

Report: Colonial Pipeline Paid $5M Worth in Crypto to Ransomware Gang, Restarts Services

The global oil market was shaken by news from the United States as a ransomware attack hit the largest oil infrastructure operation in the country. A recent report claims hackers asked Colonial Pipeline to pay for an undisclosed amount in ransom to unlock the firm’s system – a demand the company allegedly fulfilled. Darkside Gang […]

2021-5-15 23:00


Foxconn Ransomware Attackers Demanded $35 Million Payment In Bitcoin (BTC) to Decrypt Files

According to reports from BleepingComputer, Foxconn, one of the largest electronic companies in the world, was faced with a ransomware attack by a popular hacking group, DopperPaymer. The report confirms the hack was first noticed on November 29th when the hackers gave the company 3 days to make a ransom payment to an unknown wallet […] The post Foxconn Ransomware Attackers Demanded Million Payment In Bitcoin (BTC) to Decrypt Files first appeared on BitcoinExchangeGuide.

2020-12-9 21:19


Фото:

Former Uber CSO Tried To Cover Up 2016 Hack By Paying $100k In Bitcoin To The Hackers

Uber’s former Chief Security Officer is currently at odds with the law after the authorities found out about what he did while working for the ride-hailing company back in 2016. Apparently, Joseph Sullivan decided to not involve the authorities when Uber was hacked and the criminals demanded $100,000 in Bitcoin. The then CSO is alleged […]

2020-8-21 19:21


US Travel Firm Pays 414 Bitcoin worth $4.5 million to Hackers

US travel management company CWT paid 414 Bitcoin, worth $4.5 million, to hackers who stole sensitive corporate files and reportedly knocked 30,000 computers offline. Crypto exchange Binance CEO said, “Again, not bitcoin's fault, but as we inevitably evolve into a more digital civilization, all businesses new and old will need to revamp their security practices.” […]

2020-8-2 01:30