North Korea's Lazarus Group Suspected in $37 Million Hack on CoinsPaid
North Korean hackers at the infamous Lazarus Group are suspected to be behind a $37 million attack on crypto payment system CoinsPaid.
The attack, which happened on July 22, successfully drained funds from the company’s own reserves, while customer deposits were unaffected, CoinsPaid said in a statement.
“We suspect Lazarus Group, one of the most powerful hacker organisations, is responsible,” the company added.
In the statement, the company also apologized to users that the attack affected the availability of its platform, which went offline as a result of the hack.
The firm also said it believes the hackers expected the attack to be much more successful than it turned out.
“In response to the attack, the company's dedicated team of experts has worked tirelessly to fortify our systems and minimise the impact, leaving Lazarus with a record-low reward,” the statement from CoinsPaid said.
Transactions again being processed
CoinsPaid is now back to processing transactions again after stopping all services following the attack.
In a comment, CoinsPaid CEO Max Krupyshev said the focus now is on getting all systems back to normal after shutting them down earlier.
“After the partial downtime, our services are getting up and running one by one in the new secured environment. We expect it to take a few more days to sort out minor details and ensure the system works smoothly,” he said.
Among the world’s most infamous hacking groups
Lazarus Group is one of the most infamous hacker organizations in the world.
The group is believed to be behind several major crypto heists, with at least part of the stolen money allegedly being used to pay for North Korea’s nuclear weapons’ and ballistic missile program.
Among the best-known is Axie Infinity’s Ronin bridge hack, which the US Treasury Department and FBI has said Lazarus Group was behind.