{"id":20800,"date":"2023-08-07T16:05:18","date_gmt":"2023-08-07T16:05:18","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/coinspaid-claims-north-korean-hacking-group-used-fake-job-interview-to-steal-37m\/"},"modified":"2023-08-07T16:05:20","modified_gmt":"2023-08-07T16:05:20","slug":"coinspaid-claims-north-korean-hacking-group-used-fake-job-interview-to-steal-37m","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/coinspaid-claims-north-korean-hacking-group-used-fake-job-interview-to-steal-37m\/","title":{"rendered":"CoinsPaid claims North Korean hacking group used fake job interview to steal $37M"},"content":{"rendered":"
Estonia-based cryptocurrency payments firm CoinsPaid suspects North Korean hackers with the Lazarus Group gained access to its systems through fake recruiters targeting employees.<\/p>\n
In an Aug. 7 blog post, CoinsPaid said an exploit which allowed hackers to steal more than $37 million on July 22 was the result of tricking one employee into downloading software during a fake job interview, having them believe they were completing a technical task. The firm reported that the worker responded to a job offer put out by hackers and downloaded the malicious code, allowing the bad actors to steal information and give them access to CoinsPaid\u2019s infrastructure.<\/p>\n
\u201cHaving gained access to the CoinsPaid infrastructure, the attackers took advantage of a vulnerability in the cluster and opened a backdoor,\u201d said CoinsPaid. \u201cThe knowledge perpetrators gained at the exploration stage enabled them to reproduce legitimate requests for interaction interfaces with the blockchain and withdraw the company’s funds from our operational storage vault.\u201d<\/p>\n
\nWe Know Exactly How Attackers Stole and Laundered $37M USD<\/p>\n
CoinsPaid invited a partnership with @MatchSystems<\/a>, in cooperation with law enforcement agencies and regulators, accompanies the process of returning stolen #crypto<\/a> assets. <\/p>\n
Read more: https:\/\/t.co\/jLF3ICo603 pic.twitter.com\/0gDy9CJcS7<\/a><\/p>\n