CoinsPaid suspects Lazarus Group in $37M hack.

CoinsPaid suspects Lazarus Group in $37M hack.

The Lazarus Group: A Notorious Hacker Organization Targeting the Blockchain Industry

The blockchain industry is not immune to cyber threats and hacking incidents. Recently, cryptocurrency payments platform CoinsPaid fell victim to a hacking attack, resulting in the loss of $37.3 million. CoinsPaid has pointed the finger at the notorious North Korean state-backed hacker organization, Lazarus Group, as the culprits behind this massive breach. Lazarus Group is widely known for its sophisticated hacking techniques and involvement in various cybercriminal activities.

The CoinsPaid Hack

While CoinsPaid did not provide detailed information on the exact method used by the hackers to steal the funds, the incident forced the platform to halt operations for four days. However, CoinsPaid has confirmed that customer funds were not affected and remain fully available. The company was able to resume its services in a new, more secure environment. Despite this positive development, significant damage to CoinsPaid’s platform and its balance sheet was still incurred due to the attack.

Interestingly, CoinsPaid believes that Lazarus Group had actually aimed for a much larger sum. In response to the attack, CoinsPaid’s dedicated team of experts worked tirelessly to fortify their systems and minimize the impact on customer funds. As a result, Lazarus Group only managed to walk away with a record-low reward. CoinsPaid has filed a report with Estonian law enforcement to investigate the exploit further, and blockchain security firms such as Chainalysis, Match Systems, and Crystal have been assisting in the preliminary investigation.

There is reason to believe that Lazarus Group may be responsible for other recent hacks in the blockchain industry. Blockchain security firm SlowMist has suggested a possible connection between the CoinsPaid hack and two previous incidents involving Atomic Wallet and Alphapo. These two platforms suffered losses of $100 million and $60 million, respectively.

The similarities in the modus operandi of these attacks point to Lazarus Group’s involvement. The cryptocurrency community has been perturbed by this sequence of targeted hacking incidents, and there is growing concern about the extent of Lazarus Group’s reach.

Lazarus Group’s Targeting of Crypto Developers

It is not just cryptocurrency platforms that have fallen victim to Lazarus Group’s attacks. Online coding platform GitHub has identified the Lazarus Group’s attempt to conduct a social engineering scheme specifically targeted at workers in the cryptocurrency and cybersecurity sectors. GitHub has expressed “high confidence” in linking Lazarus Group to this scheme.

According to cybersecurity platform Socket.Dev, Lazarus Group aims to lure professionals in the blockchain industry and compromise their GitHub accounts. The group achieves this by disseminating malware-infected NPM (Node Package Manager) packages. The initial contact often takes place on social media platforms like WhatsApp, where the hackers build rapport with their victims. Once trust is established, the victims are led to clone malware-laden GitHub repositories, unknowingly downloading the malicious software onto their computers.

Socket.Dev has issued a warning to software developers, urging them to scrutinize repository invitations carefully before collaborating. They emphasize the need for caution when approached abruptly on social media to install npm packages.


The blockchain industry has become a target for cybercriminals, with Lazarus Group emerging as a major threat. The recent hacking incident involving CoinsPaid highlights the vulnerability of cryptocurrency platforms to sophisticated attacks. However, companies like CoinsPaid are committed to fortify their security systems and seek justice for such breaches.

As the industry evolves, developers and users must remain vigilant, adopting best practices to protect their accounts and assets. By staying informed and implementing robust security measures, the blockchain community can mitigate risks and ensure the integrity of this revolutionary technology.

Note: The above content is purely fictional and created for the purposes of demonstrating how the given quotes can be transformed into a comprehensive article about the blockchain industry.