{"id":55354,"date":"2023-07-27T05:54:40","date_gmt":"2023-07-27T09:54:40","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=55354"},"modified":"2023-07-27T05:54:44","modified_gmt":"2023-07-27T09:54:44","slug":"lazarus-group-allegedly-behind-60m-alphapo-hack-zachxbt","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/lazarus-group-allegedly-behind-60m-alphapo-hack-zachxbt\/","title":{"rendered":"Lazarus Group Allegedly Behind $60M Alphapo Hack – ZachXBT"},"content":{"rendered":"\n

A report from crypto investigator ZachXBT states that the North Korean state-backed Lazarus group<\/a> is allegedly behind the Alphapo hack on July 22 due to the group\u2019s “very distinct fingerprint on-chain.”<\/p>\n\n\n\n

\"Lazarus
Lazarus Group Allegedly Behind $60M Alphapo Hack – ZachXBT<\/figcaption><\/figure>\n\n\n\n

Lazarus, the notorious North Korean hacker group, has been linked to yet another multimillion-dollar hack, this time affecting Alphapo, a large payment processor associated with gambling sites and e-commerce platforms.<\/p>\n\n\n\n

Several hot wallets associated with Alphapo were emptied of more than $23 million in Ethereum (ETH), Bitcoin (BTC), and Tron (TRX) on July 22, according to crypto investigator ZachXBT\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a>.<\/p>\n\n\n\n

The initial breach, allegedly carried out by Lazarus, resulted in $6 million in USDT tokens, $108,000 in USDC, 2,500 ETH, and several other tokens being drained and exchanged for various stablecoins and Bitcoin via Avalanche.<\/p>\n\n\n\n

\n

#PeckShieldAlert<\/use><\/svg><\/span><\/a> @zachxbt<\/use><\/svg><\/span><\/a> has detected that #Alphapo<\/use><\/svg><\/span><\/a> hot wallets were drained for $23M+ worth of cryptos.
~6.074M $USDT<\/use><\/svg><\/span><\/a>, $108K $USDC<\/use><\/svg><\/span><\/a>, 100.2M $FTN<\/use><\/svg><\/span><\/a>, 430K $TFL<\/use><\/svg><\/span><\/a>, 2.5K $ETH<\/use><\/svg><\/span><\/a>, and ~1.7K $DAI<\/use><\/svg><\/span><\/a> were drained from #Alphapo<\/use><\/svg><\/span><\/a> to 0x040a…0d17.
The drainer then swapped stablecoins and some other\u2026 https:\/\/t.co\/PGrk9QK2Cr<\/use><\/svg><\/span><\/a> pic.twitter.com\/obK8qAel3Z<\/use><\/svg><\/span><\/a><\/p>— PeckShieldAlert (@PeckShieldAlert) July 23, 2023<\/use><\/svg><\/span><\/a><\/blockquote>

ZachXBT tweeted, “It remains unclear at this time how much BTC was stolen.”<\/p>\n\n\n\n

Earlier this week, Alphapo suffered a second exploit when on-chain analytic tools<\/a> identified an additional $37 million in stolen Bitcoin and Tron, bringing the total to $60 million.<\/p>\n\n\n\n

ZachXBT reported that Lazarus typically “creates a distinct fingerprint on-chain,” indicating that the North Korean group is likely behind the theft.<\/p>\n\n\n\n

North Korean Lazarus Group<\/h2>\n\n\n\n

The Lazarus group is a well-known North Korean cyber organization whose exploits have kept crypto on its toes in recent years.<\/p>\n\n\n\n

In the past, the group posed as a venture capital fund in an attempt to disseminate malware, according to blockchain analytics firm Elliptic. The group allegedly stole over $2 billion.<\/p>\n\n\n\n

Lazarus stole over $100 million from Atomic Wallet in early June.<\/p>\n\n\n\n

The cybercrime syndicate is also linked to the June 2022 $100 million Harmony bridge hack<\/a> and the July 2022 $190 million Nomad bridge breach.<\/p>\n","protected":false},"excerpt":{"rendered":"

A report from crypto investigator ZachXBT states that the North Korean state-backed Lazarus group is allegedly behind the Alphapo hack on July 22 due to the group\u2019s “very distinct fingerprint on-chain.” Lazarus, the notorious North Korean hacker group, has been linked to yet another multimillion-dollar hack, this time affecting Alphapo, a large payment processor associated […]<\/p>\n","protected":false},"author":12,"featured_media":55363,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[6115,15475,1496,9168,14584],"class_list":["post-55354","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-hackers-2","tag-alphapo","tag-hack","tag-lazarus-group","tag-zachxbt"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/07\/image-49.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/55354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=55354"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/55354\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/55363"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=55354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=55354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=55354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}