- Payment processor Alphapo wallet has lost over $30 million to hackers who compromised its security on the Ethereum blockchain
- The amount stolen is estimated to be higher since the actual amount of Bitcoin drained is unknown
- Some blockchain security sleuths think that the hacker accessed the wallet’s private keys
Payment processor Alphapo wallet has lost over $30 million to hackers who compromised its security on the Ethereum blockchain. The amount stolen is estimated to be upwards of $100 million since the reported figures account for Ethereum-based assets but the hack also involved BTC and TRON (TRX). Some blockchain security sleuths think that the hacker may have gained access to the wallet’s private keys.
From Ethereum to Bitcoin and Avalanche
According to a blockchain investigator pseudonymously known as ZachXBT on Twitter, the stolen Ethereum-based assets were converted to ETH and moved to the Bitcoin and Avalanche networks. Some of the wallet’s users, most of whom are gambling platforms, have already halted withdrawals and assured users that their “funds are secure” without expressly revealing that the payment processor had been hacked.
🚨 Alphapo Hot Wallet Hacked 🚨
Over $31,000,000 stolen, with reports suggesting up to ~$100 million.
Hot wallet was hacked on Ethereum, Tron and BTC. Stolen funds were swapped and distributed among various EOAs.
🧵: Here are the details of the incident 👇 pic.twitter.com/bLeCLJvH6G
— De.Fi 🛡️ Web3 Antivirus (@DeDotFiSecurity) July 23, 2023
Speaking to Cointelegraph through a spokesperson, Alphapo revealed that the platform is reenabling user withdrawals and deposits for select cryptocurrencies, although it didn’t give details of the hack.
Don’t Use Old Deposit Addresses
Alphapo warned users against interacting with the previous deposit addresses but intimated that they’re still in control of the addresses. The hack comes two months after Atomic Wallet suffered a similar incident that was linked to the notorious North Korean hacking group Lazarus and where roughly $35 million was stolen.
The Alphapo wallet hack also comes two weeks after reports emerged that DeFi hackers pocketed over $200 million in the last quarter.
Apart from targeting crypto wallets, hackers are also continuously knocking on DeFi protocols’ doors such as Multichain, Crema Finance and Mango Markets by infiltrating the platforms’ smart contracts.
Although the Alphapo hacker may have controlled the wallet’s private keys, crypto wallets remain a lucrative target for malicious actors in the web3 space.
