Alphapo payment provider hack now estimated at over $60M — ZachXBT

cointelegraph.com:

The alleged Alphapo payments provider hack of July 23 is now estimated to have caused losses exceeding $60 million, according to a July 25 report from on-chain sleuth ZachXBT. The loss was previously reported at roughly $31 million.

Hack update: An additional $37M stolen on TRON & BTC from this hack has been located.This now brings the total amount stolen to $60M.This hack appears to likely have been done by Lazarus as they create a very distinct fingerprint on-chain. pic.twitter.com/ACGSXiDwW3

Alphapo is a centralized crypto payment provider for e-commerce subscription services, gaming sites and other online businesses. It’s known as the provider for mystery box platform HypeDrop and gambling sites Bovada and Ignition. On July 23, security experts began reporting that the site’s hot wallets appeared to have been drained of at least $21 million, with some sources reporting that the losses exceeded $31 million.

At the time, Alphapo did not comment on the alleged hack, but it did tell Cointelegraph that deposits and withdrawals were being reinstated at new addresses. The team said funds deposited to old addresses will be “additionally verified.” HypeDrop confirmed that its payment provider was “experiencing issues” that were causing withdrawals to be delayed but that withdrawals would be reinstated once the issue was resolved.

Related: Curve omnipool platform Conic Finance hacked for $3.2M in ETH

Neither company confirmed that the issues were caused by a hack, but security researchers have argued that the large outflows from known hot wallets, combined with stalled withdrawals, imply that the funds may have been moved by an attacker.

The new report from ZachXBT identifies an additional $37 million allegedly drained from