{"id":82248,"date":"2023-07-27T11:15:06","date_gmt":"2023-07-27T08:15:06","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=82248"},"modified":"2025-09-12T03:52:48","modified_gmt":"2025-09-12T00:52:48","slug":"lazarus-group-suspected-in-coinspaid-hack-worth-37-million","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/lazarus-group-suspected-in-coinspaid-hack-worth-37-million\/","title":{"rendered":"Lazarus Group Suspected in CoinsPaid Hack Worth $37 Million"},"content":{"rendered":"<p>The payments service CoinsPaid <a href=\"https:\/\/coinspaid.com\/tpost\/0zx28tmj51-coinspaid-is-back-to-processing-after-be\">\u0432\u043e\u0437\u043e\u0431\u043d\u043e\u0432\u0438\u043b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438<\/a> after a $37 million hack on July 22. The developers suspect involvement of the North Korean Lazarus Group.<\/p>\n<p>Representatives said that client funds were not affected, but the breach affected the platform\u2019s availability and revenue.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00abLazarus probably expected the attack on CoinsPaid to be more successful. In response to the breach, the company\u2019s dedicated team of experts has worked tirelessly to bolster our systems and minimise the consequences. The security measures and procedures allowed the platform to prevent a larger loss of funds\u00bb, \u2014 says in the firm\u2019s statement.<\/p>\n<\/blockquote>\n<p>In the wake of the attack, the platform immediately launched an investigation to track and tag the stolen funds. The project is assisted by Crystal, Chainalysis, Match Systems, Valkyrieinvest, Staked.us, OKCoinJapan and Binance.<\/p>\n<p>The firm has also filed a police report. According to CoinsPaid CEO Max Krupyshev, it will take several more days to restore all project systems.<\/p>\n<p>Analysts at the firm noted that the Lazarus Group allegedly is responsible for hacks at other crypto companies, including the sidechain <a href=\"https:\/\/forklog.com\/en\/news\/ronin-the-ethereum-sidechain-hacked-attacker-siphons-625-million\">Ronin<\/a>, the wallet <a href=\"https:\/\/forklog.com\/en\/news\/atomic-wallet-hack-losses-exceed-35-million\">Atomic Wallet<\/a>, the platform <a href=\"https:\/\/forklog.com\/en\/news\/alphapo-hack-losses-estimated-at-60-million\">Alphapo<\/a> and the cross-chain bridge <a href=\"https:\/\/forklog.com\/en\/news\/hacker-steals-about-100-million-in-harmonys-horizon-cross-chain-bridge-attack\">Horizon<\/a>.<\/p>\n<p>In the near future, CoinsPaid will host a \u201cround table\u201d with all victims of North Korean hackers to announce a new initiative aimed at minimising and preventing similar attacks in the future.<\/p>\n<p>Earlier in July, an unknown actor <a href=\"https:\/\/forklog.com\/en\/news\/defi-protocol-rodeo-finance-hacked-for-1-5-million\">drained<\/a> $1.5 million from the DeFi protocol Rodeo Finance through oracle manipulation.<\/p>\n<p>In the same month, the attacker <a href=\"https:\/\/forklog.com\/en\/news\/eralend-defi-protocol-hacked-for-3-4-million-on-zksync-era\">attacked<\/a> the lending protocol EraLend, stealing crypto assets worth $3.4 million.<\/p>\n<p>In the first half of 2023, the crypto industry <a href=\"https:\/\/forklog.com\/en\/news\/analysts-tally-hacker-attacks-on-crypto-projects-over-six-months\">faced 395 breaches<\/a>, losing around $479.4 million as a result.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CoinsPaid payment service resumed operations after the July 22 hack for $37 million. The developers suspect involvement of the North Korean Lazarus Group.<\/p>\n","protected":false},"author":1,"featured_media":82249,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1125],"class_list":["post-82248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-lazarus"],"aioseo_notices":[],"amp_enabled":true,"views":"34","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/82248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=82248"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/82248\/revisions"}],"predecessor-version":[{"id":82250,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/82248\/revisions\/82250"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/82249"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=82248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=82248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=82248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}