CoinsPaid Experienced Second Theft In 6 Months, Losses Nearly Rp116.3 Billion

CoinsPaid has experienced its second security attack in six months. (photo: x @CoinsPaid_Media)

JAKARTA - Web3 security firm Cyvers reported that crypto payment gateway CoinsPaid experienced a second security attack in the past six months. Cyvers' artificial intelligence system detected unauthorized transactions worth nearly US$7.5 million (Rp116.3 billion).

On January 6, Cyvers' artificial intelligence system detected several irregular transactions, enabling the withdrawal of US$6.1 million in digital assets (Rp94.6 billion) in Tether (USDT), Ether (ETH), USD Coin (USDC), and the native CoinsPaid (CPD) token.

Cyvers' team on X (formerly Twitter) revealed that the attacker exchanged around 97 million CPD tokens worth about US$368,000 (Rp5.7 billion) into ETH, then transferred the funds to externally owned accounts (EOA) and the MEXC, WhiteBit, and ChangeNOW crypto exchanges. CoinGecko data shows that at the time of writing, the CPD was trading for US$0.00.0006, down 39.5% in 24 hours.

After further analysis, Cyvers identified unauthorized transactions involving BNB worth more than US$1 million (Rp15.5 billion), bringing the total amount stolen to close to US$7.5 million.

CoinsPaid is an Estonian payment provider for digital assets and claims to have processed more than 19 billion euros in crypto transactions. The company has not commented on the attack.

The platform previously experienced a security attack in July 2023, which caused more than $37 billion to be stolen. According to CoinsPaid, hackers used fake job interviews to trick one of its employees.

The employee allegedly responded to job offers and downloaded malicious codes, allowing the perpetrators to steal information and provide access to CoinsPaid infrastructure.

In a post-mortem report from the hack, CoinsPaid blamed the North Korean state-backed Lazarus group for the incident. They noted that the group had been trying to infiltrate the platform since March 2023 but turned to "very sophisticated and powerful social engineering techniques" after several failures - targeting employees rather than the company itself.

Lazarus Group is suspected of being the perpetrator of several crypto hacks in 2023. blockchain intelligence firm TRM Labs reported that the group stole at least 600 million US dollars (Rp9.3 trillion) in crypto last year.