Crypto firm turns to Estonian authorities after US$37 million hack

COINSPAID, the world’s biggest crypto payments provider, reported a US$37 million hack it’s attributed to North Korea’s Lazarus Group to Estonian police.

“We can confirm that the police have indeed been contacted, but we are currently unable to share additional information with the public,” police spokesman Kaarel Kallas said by email.

CoinsPaid, which facilitates crypto payments for online casinos, on Jul 26 said it suspects Lazarus Group, a North Korea-linked hacking group, was behind the attack. The hack comes on the heels of a suspected US$100 million crypto theft from Atomic Wallet that Estonian police said it was investigating in June. Damages from crypto hacks rose to a record US$3.8 billion in 2022 amid a spike in attacks linked to North Korea, according to Chainalysis Inc.

Tallinn-based CoinsPaid said no customer funds were affected by the hack, while the company took an unspecified hit to revenues. The company has 230 employees.

The hack “involved elements of social engineering, aggressive bribery attempts of critical personnel, and attacks on numerous Internet-accessible applications,” CoinsPaid said in a statement on Thursday (Jul 27). The company said its systems are operating normallly, and that it plans announce a new initiative to prevent such exploits in the future. BLOOMBERG