$37M CoinsPaid Hack Was Triggered By A Fake Job Interview
"The fake interview and subsequent hack were the culmination of an elaborate six-month operation in which hackers launched numerous denial-of-service and brute-force attacks, which probe networks for technical vulnerabilities that can then be exploited."
"In late July, a programmer at Estonia’s CoinsPaid, [one of the] biggest crypto payment provider, met over video link with a recruiter who had reached out on LinkedIn with a lucrative job offer."
"During the 40-minute job interview, the engineer was asked to download a file to take a technical test, which he did on his work computer."
"A few days later, on July 22, the CoinsPaid security team noticed a series of unusual withdrawals — money was quickly being drained from company accounts."
"By the time they were able to shut everything down and kick out the hackers four-and-a-half hours later, CoinsPaid had lost $37 million, and both the origin of the stolen crypto and the addresses of the digital wallets that received it had been carefully obscured."
"In the run-up to the breach, hackers studied CoinsPaid closely, conducting phishing attacks and reaching out to multiple staff members with questions and job offers in order to gain access to internal systems, according to a company investigation."
“The attack itself was very quick. They are professionals,” Pavel Kashuba, co-founder and chief financial officer of CoinsPaid, said in an interview with Bloomberg.