It has been reported that the notorious North Korean hacking group Lazarus may be responsible for a recent cyberattack on Alphapo, a major payment processor for gambling and e-commerce websites. According to cryptocurrency investigator ZachXBT, beginning on July 22nd, multiple cryptocurrency wallets associated with Alphapo were compromised, resulting in the theft of over $23 million worth of digital assets including Ethereum, Bitcoin, and Tron.
ZachXBT believes Lazarus may be behind this breach based on the attack’s distinct technical signature which he claims aligns with previous crypto thefts attributed to the North Korean state-sponsored hackers. In the initial incursion, Lazarus allegedly stole $6 million in Tether tokens, over $100,000 in USD Coin, 2,500 Ether, and additional cryptocurrencies which were swapped into stablecoins and Bitcoin through the Avalanche network. The Alphapo incident represents the latest in a string of multi-million dollar cyber heists that experts believe Lazarus has perpetrated against cryptocurrency firms and exchanges worldwide.
According to cryptocurrency investigator ZachXBT, the exact amount of Bitcoin stolen directly from Alphapo’s hot wallets during the initial breach has not been verified. However, ZachXBT tweeted that an unclear sum of Bitcoin was taken in the first hack. Subsequently, through on-chain analysis, a second exploit targeting Alphapo was uncovered earlier this week in which an additional $37 million worth of stolen Bitcoin and Tron was identified. This brings the total estimated loss from the two cyberattacks to around $60 million. While the specifics surrounding the digital heists remain uncertain, ZachXBT stated that the tactics used bear the hallmarks of the North Korean hacking organization Lazarus, which typically leaves behind distinct forensic evidence on the blockchain when carrying out cryptocurrency thefts. Although ZachXBT believes Lazarus was likely responsible based on these on-chain patterns, the investigator did not immediately respond to media inquiries for further comment on his assessment.
