ZachXBT, an on-chain detective, claims to have discovered an extra $37 million in losses from the alleged attack.
A shocking new step is the revelation that the allegedly July 23 Alphapo payments provider hack resulted in damages greater than a stunning $60 million. ZachXBT, a keen-eyed on-chain detective, published this updated estimate after earlier reports put the losses at roughly $31 million.
For platforms like HypeDrop and the online casinos Bovada and Ignition, as well as other online enterprises, Alphapo, a centralized cryptocurrency payment provider, has long been the preferred choice. When it appeared that Alphapo had lost at least $21 million, with some sources suggesting that the losses may exceed $31 million, security professionals started raising the alarm.
Alphapo told users that deposits and withdrawals will be reestablished at new addresses, while cash deposited to old addresses would be subject to further verification, even though it did not confirm the claimed hack at the time. Additionally acknowledging problems with its payment processor that were delaying withdrawals, HypeDrop assured users that the situation would be remedied quickly.
Hack update: An additional $37M stolen on TRON & BTC from this hack has been located.— ZachXBT (@zachxbt) July 25, 2023
This now brings the total amount stolen to $60M.
This hack appears to likely have been done by Lazarus as they create a very distinct fingerprint on-chain. pic.twitter.com/ACGSXiDwW3
ZachXBT’s most recent insight, which claims that an extra $37 million was purportedly siphoned off from inactive accounts on the Tron and Bitcoin networks, has given the matter a darker turn. The staggering $60 million in losses is now the amount. The on-chain detective has additionally proposed that the infamous Lazarus Group might be responsible for the attack, based on information from Dune Analytics:
“This hack appears to likely have been done by Lazarus as they create a very distinct fingerprint on-chain.”
The Lazarus Group is a cybercrime organization that has allegedly been linked to the North Korean government and has a reputation for engaging in sophisticated hacking operations.
The crypto community saw a similar strange large-scale withdrawal from the cross-chain bridging protocol Multichain, resulting in losses of over $100 million, therefore Alphapo’s experience is not unique. The protocol was subsequently shut down on July 14th as a result of the Multichain team’s later disclosure that the withdrawals were brought on by an attacker obtaining access to the protocol’s private keys through a cloud storage provider.
It is crucial for users and providers to remain cautious and implement strong security measures to safeguard digital assets and protect against potential threats while the crypto environment navigates these difficult times.