Over $37M CoinsPaid crypto theft pinned on Lazarus Group

BleepingComputer reports that North Korean state-sponsored hacking operation Lazarus Group has been blamed by Estonian cryptocurrency payment service provider CoinsPaid to be behind a $37.2 million cryptocurrency heist on July 22. All client funds are safe and no significant operational impact is expected from the cyberattack, according to CoinsPaid, which noted that Lazarus was expecting a much more successful compromise but did not provide any details on how the intrusion was attributed to the threat group. Investigation into the attack is already being done in collaboration with Binance, Chainalysis, OKCoinJapan, Match Systems, Valkyrieinvest, and Stacked.us, as well as Estonian law enforcement agencies, according to CoinsPaid CEO Max Krupyshev. Lazarus Group, which was most recently linked to the theft of $60 million from centralized cryptocurrency payment provider Alphapo due to similarities in attack techniques, previously exfiltrated $617 million from the blockchain game Axie Infinity, $100 million from Harmony Horizon, and $35 million from Atomic Wallet.