$60M gone and it barely raises an eyebrow…
AlphaPo, a crypto payments processor for gambling platforms, lost $60M across ETH, TRON and BTC over the weekend.
Hypedrop, who rely on AlphaPo, have suspended deposits and have reassured users that withdrawals will eventually be paid out, but declined to mention the hack.
Both the attack type and pattern of transactions post-hack point to a certain set of state-sponsored cybercriminals:
This hack appears to likely have been done by Lazarus as they create a very distinct fingerprint on-chain.
It’s been a while since we’ve seen a centralised platform’s hot wallet drained…
Could this be the start of another CEX spearphishing spree?
As ever, stories of compromised hot wallets leave little to be said. The phishing techniques used by sophisticated groups like Lazarus are varied and ever-evolving.
But they always have a common goal…
On Ethereum, the attack started when AlphaPo’s hot wallet (alphapo.eth) began to be drained in the early hours (UTC) of Saturday.
2464 ETH ($4.6M) and a variety of other coins (including over 6M USDT) were transferred to the hacker’s address, swapped to ETH, and then consolidated into a secondary account before being dispersed. Some of the stolen funds on Tron were sent to CEXs.
Attacker’s main addresses:
MistTrack’s analysis of the wallets involved has shown links to addresses involved in the draining of Atomic Wallet accounts (also attributed to Lazarus) and a potential, but as yet unacknowledged, attack on Coinspaid.
But nowadays, such blips are in and out of the news cycle in the blink of an eye.
Are we simply becoming desensitised to such large losses?
Or are we just getting increasingly apathetic as the bear market drags on?
Or, perhaps, the only ones still here are too busy either building or hamster racing to notice.
One thing’s for sure, Lazarus isn’t getting bored.