Alphapo, a crypto payment platform, experienced a breach of its hot wallets on Ethereum, TRON, and Bitcoin, resulting in a loss of at least $31 million. Because the exact amount of Bitcoin stolen is uncertain, the total drained from the platform could be even greater.
On the same day as the hack, DeDotFi took to Twitter and shared crucial details suggesting that the security breach was a result of a leak of private keys.
DeDotFi has confirmed that over $31 million was stolen in the hacking incident. However, further reports indicate that the scale of the compromise may be larger, with some estimates suggesting that up to $100 million worth of funds could have been taken.
Additionally, on-chain expert ZachXBT has revealed that the stolen funds were initially taken from the Ethereum network. Subsequently, the hackers executed a series of transactions, swapping these stolen funds for ETH before bridging them to the Avalanche and Bitcoin blockchains.
This complex trail of transactions was likely an attempt by the hackers to hide the origins of the stolen funds and cover their tracks.
Alphapo Hack Details
Blockchain security firm PeckShield presented an analysis revealing that the stolen funds consisted of a variety of cryptocurrencies, including USDT, USDC, FTN, TFL, TRX, ETH, and DAI. The hackers employed a series of swaps and bridges to transfer these assets across multiple wallets.
The stolen funds comprise 6.074 million USDT, 108,000 USDC, 100.2 million FTN, 430,000 TFL, 2,500 ETH, and 1,700 DAI. The hackers drained all of these assets to the address 0x040a, consolidating the stolen cryptocurrencies in a single location.
The hacker executed a series of transactions, swapping the stablecoins for 5,730 ETH before bridging them to BTC using the Avalanche Bridge. Additionally, they drained approximately 12 million USDT and 5.2 million TRX to the wallet address TKSitn, followed by transferring the funds to TDoNAZHa7.
Blockchain security experts at SlowMist have also conducted an interesting analysis of the funds’ flow, indicating that the attacker’s modus operandi bears resemblance to previous exploits linked to the North Korean cybercrime group, Lazarus.
Alphapo’s Prominent Client, HypeDrop, Halts Crypto Transactions
Alphapo serves as the payment processor for various crypto-gambling platforms, such as HypeDrop, Ignition, and Bovada. As a result of the incident, HypeDrop has taken the precautionary measure of suspending deposits and withdrawals for certain cryptocurrencies.
The mystery box platform has stated on Twitter that it is currently facing challenges with processing deposits and withdrawals due to the hack. According to the HypeDrop team, once the payment processor resumes operations, pending deposits will be credited to users’ accounts.
However, any pending withdrawals will be canceled, and users will be required to submit new requests for processing. This measure has been taken in response to the hack to ensure the safety and integrity of user transactions on the platform.