Crypto payment platform Alphapo had at least $31 million drained from its hot wallets on Ether (ETH), TRON (TRX) and Bitcoin (BTC), security experts reported on July 22. Since the number of Bitcoins stolen is uncertain, the figures may be even higher.
According to on-chain detective ZachXBT, the funds were stolen on the Ethereum network, then exchanged for ETH before being bridged to the Avalanche and Bitcoin blockchains. According to the DeDotFi security team, the hack may have been caused by leaking private keys. Investigations are still in progress.
Alphapo is a payment processor that offers instant transactions in over 30 digital assets and balances in a range of fiat currencies. The company is best known for being the crypto gateway for a number of gambling platforms, including HypeDrop, Ignition and Bovada.
Alphapo Hot Wallet Hacked
Over $31,000,000 stolen, with reports suggesting up to ~$100 million.
Hot wallet has been hacked on Ethereum, Tron and BTC. Stolen funds were exchanged and distributed among various EOAs.
: Here are the details of the incident pic.twitter.com/bLeCLJvH6G
— De.Fi ️ Web3 Antivirus (@DeDotFiSecurity) July 23, 2023
After the incident, Alphapo’s client HypeDrop stopped processing crypto transactions. The Mystery Box platform said on Twitter that it is experiencing problems with deposits and withdrawals as a result of the hack. “Please know that your HypeDrop funds are safe, but we encountered a problem on the side of the cryptocurrency provider. Once the provider’s operations resume, processing deposits will be credited accordingly,” it stated.
Despite not commenting on the incident, an Alphapo spokesperson told Cointelegraph that deposits and withdrawals are being reinstated for sets of currencies at the same time. “We kindly ask all our users to refrain from sending funds to the old deposit addresses. However, in the rare case that this happens, the funds originating from such deposits will be additionally verified.”
In another security incident over the past few days, decentralized financial protocol Conic Finance has experienced two attacks in a matter of hours. The first exploit saw $3.26 million in Ether stolen, with almost the entire amount sent to an Ethereum address in just one transaction. The second incident happened a few hours later, the protocol revealed in a postmortem report, saying it was a variant of a sandwich attack targeting its pools, and netted the attacker about $300,000.
Magazine: Should crypto projects ever negotiate with hackers? Probably
Bitcoin 
Ethereum 
Tether 
BNB 
XRP 
USDC 
Lido Staked Ether 
Solana 
Cardano 
Dogecoin 