Alphapo’s hack now estimated at $60 million: ZachXBT

Quick Take

  • The Alphapo hot wallet hack is now estimated to have resulted in a loss of $60 million.
  • On-chain analyst ZachXBT noted an additional theft of $37 million, elevating the initial estimate from $23 million.

The recent hack involving crypto payments processor Alphapo’s hot wallets is now estimated to have resulted in a loss of $60 million, as per the latest findings.

This updated figure comes after on-chain analyst ZachXBT identified an additional $37 million in stolen assets on both the Tron and Bitcoin networks — raising the initial estimate from $23 million to $60 million. This total also includes losses suffered by Coinspaid, which is an entity associated with Alphapo.

As a crypto payments processor, Alphapo managed transactions for online gambling platforms such as HypeDrop, Bovada, and Ignition. Given that hot wallets are online and constantly connected to the internet, they face a higher risk of cyberattacks compared to their offline counterparts: cold wallets.

In this instance, the hackers appear to have swapped the stolen funds on Ethereum for ETH and then transferred them to other blockchains, including Avalanche, Tron, and Bitcoin. The funds on Bitcoin were deposited into the crypto mixer service Sinbad, as informed by ZachXBT to The Block.

Potential Lazarus connection

The distinctive on-chain patterns associated with this breach, according to ZachXBT, align closely with operations previously linked to the Lazarus, a North Korean hacking group. Lazarus has been implicated in several high-profile hacks, including the Ronin bridge breach which resulted in a loss of over $600 million last year.

"This hack appears to likely have been done by Lazarus as they create a very distinct fingerprint on-chain," ZachXBT highlighted.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.