The crypto world was shaken recently by a surprising incident where CoinsPaid, a leading crypto payment provider, lost a staggering $37 million to cybercriminals. Interestingly, this was not a typical attack. It was a meticulously planned operation that exploited an unsuspecting employee through a fake job interview.
Is Lazarus Striking Again?
The notorious Lazarus group, emerging from the shadows of North Korea’s cyber infrastructure, seems to have added another heist to its record. The attackers posed as a recruitment officer for Crypto.com, a reputable exchange based in Singapore. This facade was convincing enough to lure a CoinsPaid employee into a 40-minute virtual interview. Under the guise of a “technical test,” the employee was deceived into downloading malicious software and inadvertently handed over the keys to the hackers.
By the time CoinsPaid detected the breach and intervened, a significant amount had already been drained. Pavel Kashuba, the CFO of CoinsPaid, aptly described the speed of the operation, saying:
The attack itself was very swift, they are professionals.
The meticulous planning and execution prior to the heist demonstrate the group’s commitment to their mission. Over a span of six months, the group diligently gathered information about CoinsPaid, including its organizational structure, personnel details, and potential vulnerabilities. Their efforts paid off in millions of dollars.
What’s the Status of the Trail?
In the aftermath of the heist, concealing the trail of the stolen cryptocurrency became crucial for the perpetrators. They used advanced techniques such as the Sinbad mixer and various exchange services, which hide otherwise traceable cryptocurrencies and made it harder for analysts to track the whereabouts of the stolen assets.
In the blockchain world, where transparency is a fundamental pillar, these actions highlight how far criminals can go to cover their tracks. Kashuba emphasized the magnitude of the operation, stating:
To embark on such a large-scale corporate espionage operation, you need a substantial amount of resources.
Another Tale of Crypto Misfortune
Meanwhile, in another corner of the crypto universe, Curve, a DeFi lending protocol, faced its own challenges. A brazen hacker stole $73.5 million worth of crypto assets, mostly Ethereum. Surprisingly, the hacker returned approximately $52.3 million after negotiating with Curve through direct communication on the Ethereum blockchain.
However, the Curve saga continues to unravel. Despite the partial recovery of the assets, the search for the individual or group behind the attack persists. As an incentive, Curve announced a reward of $1.85 million for information that leads to the legal conviction of the responsible parties.