North Korea’s Lazarus hacking group is once again making headlines, this time for their involvement in two major cryptocurrency attacks that resulted in the theft of nearly $100 million in virtual currency.
One of the victims of these attacks was CoinsPaid, a payments gateway based in Tallinn. According to a recent update from the company, $37.3 million was stolen in the attack. Despite the significant loss, CoinsPaid stated that their customers’ funds remained secure, thanks to their quick response and robust security measures.
The company’s CEO, Max Krupyshev, acknowledged the impact of the attack on CoinsPaid’s services, noting that they were working diligently to restore normal operations in a new, more secure environment. He also mentioned that the company’s security experts had been able to track the movement of the stolen funds using blockchain analytics tools.
In a separate incident, Lazarus was also implicated in a larger attack on cryptocurrency payments provider Alphapo. Initially, $23 million in Ethereum, Tron, and Bitcoin was stolen from Alphapo’s hot wallets. However, further investigation revealed that an additional $37 million in Tron and Bitcoin had also been taken, bringing the total amount stolen to $60 million.
Blockchain expert @ZachXBT pointed to Lazarus as the likely culprit behind the Alphapo attack, citing their distinctive modus operandi that leaves a unique “fingerprint” on the blockchain. This assertion underscores the sophistication and persistence of the Lazarus hacking group in targeting cryptocurrency firms for financial gain.
These recent attacks highlight the ongoing threat posed by cybercriminals, particularly state-sponsored groups like Lazarus, to the security of the cryptocurrency industry. As companies continue to innovate and expand their digital payment services, they must remain vigilant and proactive in safeguarding their platforms and customers’ assets from malicious actors.