Cryptocurrency payment platform Alphapo hot wallet private key stolen! Loss exceeds 23 million US dollars.
The cryptocurrency payment service provider Alphapo, highly associated with crypto gambling companies, had its hot wallet private keys compromised on Sunday, resulting in a total loss exceeding $23 million in $ETH, $USDT, and $TRX. The funds were subsequently converted to $ETH and transferred to the Avalanche and Bitcoin blockchains. This will bring the total losses from blockchain attacks in July to $135 million.
Table of Contents
Attackers Excel at Covering Their Tracks
According to blockchain detective ZachXBT's report, the hot wallets of the crypto payment platform Alphapo were compromised between the 22nd and 23rd, affecting Alphapo's Bitcoin, ETH, and TRON hot wallets with an initial loss estimated at around $23 million.
Funds were first stolen on Ethereum, then converted entirely to ETH, and further transferred to the Avalanche and Bitcoin blockchains.
Tapchibitcoin explained that the attackers' fund transfer methods were complex and difficult to trace, effectively covering their tracks and slowing down the process of fund recovery and hacker identification.
Blockchain security firm PeckShield confirmed this news, stating that the stolen funds included $6.074 million in USDT, $0.108 million in USDC, 100 million $FTN, 430,000 $TFL, 2,500 $ETH, and 1,700 $DAI.
Crypto Gambling Companies Affected
Alphapo's clients include many cryptocurrency gambling service providers such as HypeDrop, Bovada, and Ignition, which are expected to be significantly impacted. HypeDrop has already been implicated and has been forced to suspend user deposit and withdrawal services.
The company stated via a release that the situation stemmed from a third-party service provider, explaining issues with processing deposits and withdrawals in $BTC, $ETH, and $TRX, and reassuring users that their funds are safe.
To date, the Ethereum blockchain explorer Etherscan has flagged two addresses associated with the perpetrator and continues to monitor fund flows.
Monthly Losses from Blockchain Security Incidents on the Rise
The auditing team Certik claims that this incident resulted from a leaked private key, contributing to a total loss of $214 million from incidents related to leaked private keys this year.
Previously this month, other protocols that suffered significant losses from attacks include Multichain, Conic Finance, and ArcadiaFi, with July's attack incidents surpassing $135 million, marking a four-month high.
Related
- Bug in Cross-Chain Partner of Uniswap? LayerZero Founder Steps in to Debug, Security Issues Become a Pandora's Box
- Beware of Dogecoin Scams! Stolen before doubling, cybersecurity experts warn of security issues on Dogecoin websites
- Security Alert: Many phishing scams on Telegram, accounts may also disappear directly