- Hackers dupe CoinsPaid employee in 40-minute fake job interview, stealing $37 million.
- North Korean cybercrime group Lazarus suspected to be behind the elaborate attack.
Crafty Cybercrime: How Hackers Turned a Job Interview Into a Heist
The crypto world recently faced a jolt when CoinsPaid, a prominent crypto payment provider, lost a staggering $37 million to cybercriminals. Intriguingly, this was not a typical hack – it was a meticulously planned operation that exploited an unsuspecting employee through a fake job interview.
Lazarus Strikes Again?
Originating from the shadows of North Korean cyber infrastructure, the notorious Lazarus group appears to have added another notch to its belt. Their modus operandi involved posing as recruiters for the respected Singapore-based exchange, Crypto.com. This façade was compelling enough to lure a CoinsPaid employee into a 40-minute virtual interview. Under the guise of a “technical test”, the employee was duped into downloading malicious software, inadvertently granting the hackers the keys to the kingdom.
By the time CoinsPaid identified and responded to the breach, a massive sum had been syphoned off. Pavel Kashuba, CoinsPaid’s CFO, remarked on the swiftness of the operation, noting,
“The attack itself was very quick. They are professionals.”
The meticulous planning and execution that preceded the heist are telling of the group’s commitment to their craft. Over a span of six months, the group painstakingly gathered intel about CoinsPaid, understanding its organizational structure, staff details, and potential vulnerabilities. Their efforts paid off in millions.
A Trail of Digital Deception
Post-heist, obfuscating the trail of stolen crypto became paramount for the perpetrators. Advanced techniques like using the Sinbad mixer and an assortment of swap services allowed them to muddy the digital waters, making it challenging for analysts to trace the end locations of the pilfered assets.
In the blockchain world, where transparency is one of the foundational pillars, such acts highlight the lengths to which criminals will go to conceal their tracks. Kashuba pointed out the scale of the operation, remarking,
“You need to have a huge amount of resources to engage in such large-scale corporate espionage.”
Curve: A Separate Tale of Crypto Misadventure
Meanwhile, in another corner of the crypto universe, Curve, a DeFi lending protocol, faced its own set of challenges. An audacious hacker pilfered crypto assets worth up to $73.5 million, mostly in ether. In a surprising twist, after negotiations, the hacker returned around $52.3 million, following a direct communication with Curve on the Ethereum blockchain.
Yet, the Curve saga remains unresolved. Despite the partial return of assets, the hunt for the individual or group behind the attack continues. As an incentive, Curve has announced a $1.85 million bounty for information leading to a legal conviction of the responsible parties.