CoinsPaid, a crypto payments platform, has confirmed that it was hacked for $37.3 million after abruptly suspending withdrawals earlier this week.
In a blog post on Wednesday, the firm said it suspected that state-backed North Korean hackers from the Lazarus Group were behind the attack on its platform on July 22 – one that CoinsPaid believes would have resulted in a far higher loss of funds if the team hadn’t stepped in as quickly to implement security measures.
“In response to the attack, the company’s dedicated team of experts has worked tirelessly to fortify our systems and minimise the impact, leaving Lazarus with a record-low reward,” said CoinsPaid.
The firm also assured users that all customer funds stayed intact, and said it was working with Estonian law enforcement on an official investigation into the hack.
Earlier this week, CoinsPaid suspended withdrawals citing a “technical issue” in tweets that have since been deleted.
On Tuesday, prominent Bitcoin advocate Jameson Lopp highlighted a series of consolidated UTXO transactions originating from the platform, which were sent with a much higher fee than required.
Based upon information I've received from Coinspaid users, this is looking more like a hack than a simple UTXO cleanup, which would make sense. Hackers tend to be in a hurry and are happy to pay high fees to steal funds.
* Coinspaid has suspended withdrawals and are cagey about…
— Jameson Lopp (@lopp) July 25, 2023
When Lopp suggested that the transactions looked “more like a hack,” CoinsPaid responded by saying the team was “aware of the issue” and was “working on a solution,” but did not confirm that its platform had been compromised until earlier today.