Alphapo hackers have escalated their attacks on the payments provider, and recent reports suggest the havoc they wreaked has surpassed a staggering $60 million in losses.
This updated figure comes from the diligent on-chain sleuth, ZachXBT, who has closely monitored the situation. Initially, the reported damages were around $31 million, but as investigations unfolded, the scope of the hack became even more alarming.
At its core, Alphapo is a centralized crypto payment provider catering to various e-commerce subscription services, online gaming platforms, and other internet-based businesses.
The aftermath of the breach has affected Alphapo and caused significant losses for another associated entity, Coinspaid.
Alphapo Hackers Drain $37 Million From Tron, Bitcoin Networks
In a recent Twitter/X update, ZachXBT revealed an additional $37 million in stolen assets from both the Tron and Bitcoin networks. The Alphapo hack, which has already caused massive losses, seems far from over, as the hackers continue exploiting vulnerabilities in the crypto space.
For those unfamiliar Alphapo processes payments for a number of gambling services such as HypeDrop, Bovada, and Ignition.
It remains unclear at this time how much BTC was stolen from Alphapo.
Addresses 0x040a96659fd7118259ebcd547771f6ecb9580d17…
— ZachXBT (@zachxbt) July 23, 2023
Alphapo was a key player in facilitating transactions for various online gambling platforms. Notable among them were HypeDrop, Ignition, and Bovada, platforms known for their immense popularity and user engagement. However, this widespread usage also made them lucrative targets for cybercriminals.
Hot wallets, continuously connected to the internet, provide convenient access to funds for immediate transactions. However, this convenience comes with significant risks. They are more susceptible to cyberattacks than cold wallets, which are kept offline and offer higher security.
As our current crypto payment service provider is manually processing withdrawals slowly, we’ve disabled crypto deposits for the time being.
Our provider has advised us that withdrawals will be automated again, but unfortunately with no ETA. Therefore, we’ve implemented…
— HypeDrop (@HypeDrop) July 25, 2023
Amidst the ongoing hack, HypeDrop, one of the affected platforms, acknowledged the troubling situation by notifying its users of payment-related issues. Withdrawals were delayed due to the hack’s impact on Alphapo’s operations. However, the platform assured its users that withdrawals would be reinstated once the issue was resolved.
Possible Lazarus Group Hackers Involved In Alphapo Breach
As the investigation into the Alphapo hack intensifies, ZachXBT has pointed to potential involvement by the notorious Lazarus Group. Citing data from Dune Analytics, he highlighted distinct on-chain fingerprints that align with the modus operandi of the cybercrime group.
The Lazarus Group first came to the attention of the cybersecurity community in 2014 when a consortium of researchers led by Novetta identified the group.
Since then, they have been responsible for numerous high-profile cyber attacks, one of the most notable being the $540 million hack of Ronin Bridge in April 2022. This track record of sophisticated and financially motivated attacks has earned them a reputation as a formidable threat in the digital realm.
Featured image from The Crypto Times