We Partnered with 2 White Hacker Teams to Stress Test Our Systems

In the ever-evolving landscape of digital transactions, security is paramount. In efforts to strengthen our internal systems and prevent potential threats, CoinsPaid partnered with 2 White Hackers Teams to stress test our Crypto Payment Gateway.

Red Team vs. Blue Team: A Competition to Hack CoinsPaid

Red teams and blue teams work as attackers and defenders to improve an organization’s security:

  • A Red Team played the role of the Attacker by trying to find vulnerabilities and break through our cybersecurity defences.
  • A Blue Team acted as the Defender against attacks and responded to incidents when they occurred.

On January 5, 2024, the Red Team emerged victorious. Despite 3 months of relentless attempts, they have successfully got their hands over ETH and BSC master keys.

The triumph, however, was bittersweet, as their journey highlighted the resilience of our security infrastructure. They tried to get past our firewalls and encryptions for months, yet the fortress stood firm.

Cybersecurity Stress Test: Findings

It wasn’t until the very end that they uncovered a single vulnerability. As soon as CoinsPaid’s vigilant security systems detected a sophisticated cyber-attack targeting our transaction services, our internal protocols alerted the team and automatically took all “Write” nodes offline. As a result, all withdrawals were stopped before the vulnerability was fixed, and a new set of keys was generated in accordance with security procedures.

Our security team embarked on an intensive review, dissecting every nook of our systems and every step taken by the Red Team to assess and further enhance our defences. All CoinsPaid merchants and their end users were notified in a timely manner and received all necessary assistance from our side.