A hack on AlphaPo, a crypto payment platform, shook the internet recently after security experts spotted the theft of at least $31 million from its hot wallets. ZachXBT, an eccentric on-chain investigator who was deeply interested in the situation, claimed that the funds had been taken on the Ethereum network, exchanged for ETH, and then bridged to the Avalanche and Bitcoin blockchains.
Since the number of Bitcoins taken at the time was unknown, market experts worried that the loss would be greater than initially reported. Unfortunately, ZachXBT’s suspicions were realized when he learned that an additional $37 million worth of TRON and BTC had been looted, bringing the total amount stolen to $60 million.
ZachXBT also suggested that the dreaded North Korea-based Lazarus Group might have carried out the attack, as the group leaves a very distinct fingerprint on the chain. While investigations were still in progress, DeDotFi’s security team stated that the hack may have been caused by a leak of private keys.
AlphaPo is a payment processor that allows quick transactions in more than 30 digital assets and balances in a variety of fiat currencies. The company is primarily recognized for serving as the cryptocurrency gateway for several gambling websites, including HypeDrop, Ignition, and Bovada.
According to security analysts, Lazarus, a group notorious for attacking cryptocurrency institutions like the Ronin Network and Harmony’s Horizon Bridge, recently infiltrated U.S. enterprise software provider JumpCloud to target its cryptocurrency clients.
Hunt Begins For Lazarus Hackers
JumpCloud, a directory platform that enables businesses to authenticate, authorize, and manage users and devices, disclosed that the nation-state actor was also responsible for a June system breach that compelled the company to reset its clients’ API keys.
While JumpCloud didn’t at the time pin blame on the dreaded hacking group, cybersecurity researchers at firms such as CrowdStrike, SentinelOne, and Mandiant have attributed the attack to the North Korea-backed hackers.
U.S. officials announced fresh penalties against North Korea’s army of illegal IT employees in May as part of efforts to stop the state-sponsored, anonymous hackers. They contend that these individuals have fraudulently obtained employment abroad to fund the regime’s development of WMD. Additionally, the U.S. State Department is offering up to $10 million in incentives for information that will stop North Korean hackers.