(2022)

CoinsPaid

1000 BTC

Monetary Impact: $44,800,000

Month: July

Year: 2022

Type: Payment Processor

Network: Other

Platform Status: Operational

Cause: Social Engineering, Access Control

Incident Review

CoinsPaid, an Estonian cryptocurrency payment processor, suffered two cyberattacks: the first on July 22, 2023, with a loss of $37.3 million, and the second on January 5, 2024, with a loss of $7.5 million. Together they total $44.8 million in stolen cryptocurrencies, including USDT, USDC, CPD, ETH, and BNB, per the provided article and Cyvers.

The July attack, detected at 14:00 UTC, involved social engineering: a fake job offer tricked an employee into installing malware, likely JumpCloud Agent, which compromised hot wallet access despite multi-signature wallets, per CoinDesk.

The January attack, detected at 18:13 UTC, exploited inadequate wallet access controls, with funds swapped to ETH and sent to exchanges like WhiteBit, MEXC, and ChangeNow, per crypto.news.

CoinsPaid, processing $19 billion annually per FinTelegram, halted operations for four days after the first hack, reimbursed clients from reserves, and collaborated with Match Systems and Estonian police, per Bloomberg.

No compensation details exist for the January hack, and no funds were recovered, though $27 million was frozen, per Twitter (@BTCTN).

Lazarus Group is suspected of involvement in both attacks and is linked to Atomic Wallet’s $100 million hack, per CoinsPaid’s report; this fueled distrust and affected market sentiment.

Per Chainalysis, 305 DeFi hacks in 2024 cost $1.8 billion. Among them, these incidents, alongside WOOFi’s $8.75 million loss, underscore social engineering risks and have prompted calls for enhanced employee training, robust access controls, and industry-wide security standards to protect crypto platforms.