Marcel ‘s passion for the world of cryptocurrencies and his comprehensive knowledge of blockchain technology make him an invaluable asset to our team. He stays updated on the latest trends, regulations, and emerging technologies in the crypto space, ensuring that our audience receives accurate and up-to-date information.
Latest posts by Marcel Bich (see all)
- Advanced Installer’s Crypto Twist - October 15, 2023
- Hackers Exploit Designers for Mining - October 15, 2023
- Hackers Target Binance Russia - September 26, 2023
Blockchain specialists have connected the most recent attack on the payment processing website Alphapo, in which criminals stole almost $60 million in cryptocurrency, to the North Korean Lazarus hacking group.
Alphapo functions as a centralized cryptocurrency payment provider for online platforms such as gaming websites, e-commerce subscriptions, and others. The incident, which took place on July 23, had the immediate result of roughly $23 million being stolen.
The hackers stole a sizable amount of cryptocurrency by focusing on popular wallets. The vulnerability was probably made feasible via a private key leak.
According to data from Dune Analytics and crypto researcher “ZackXBT,” the attackers stole a total of $60 million from Alphapo by draining an additional $37 million in TRON and BTC.
The attempt resembles Lazarus heists, which are distinguished by leaving a distinctive blockchain fingerprint, according to ZackXBT, who made the suggestion. Aside from that, no more information was given.
Crypto Heist Masterminds: The Lazarus Connection
The Lazarus Group, a government-affiliated North Korean threat actor, has been linked to a number of high-profile thefts in the past, including the $617 million Axie Infinity robbery, the $100 million Harmony Horizon hack, and the $35 million Atomic Wallet assault.
Lazarus uses tricks like making false employment offers to get workers of cryptocurrency companies to accept malicious files, compromise their systems, and give over their login information. As a result, they are given unrestricted access to the victim’s employer’s network, which they may use to carefully plan and carry out multimillion dollar assaults.
The attempted laundering of the stolen funds through smaller crypto mixing services and exchanges like Bitget and Bybit is being monitored by analysts.
Dave Schwed, the COO of blockchain security company Halborn, believes that the attackers obtained private keys in order to access the wallets.
The Alphapo hack raises concerns about the possible misuse of cryptocurrencies by skilled hacker organizations, even though blockchain research businesses or law enforcement agencies have not independently confirmed that the North Korean threat organization was engaged in the attack.