AlphaPo

2018-01-01

AlphaPo Solution Inc. established as a cryptocurrency payment gateway, incorporated in Panama, serving online gambling and gaming clients.

2023-07-22

Hot wallets across Ethereum, Tron, and Bitcoin networks drained simultaneously via alleged private key compromise; initial on-chain estimates put losses at approximately $23 million.

2023-07-23

HypeDrop publicly reports inability to process BTC, ETH, and TRX deposits and withdrawals, attributing the disruption to its payment provider AlphaPo. The Block reports the connection.

2023-07-25

ZachXBT identifies an additional $37 million in BTC and TRX transactions linked to the attacker, raising the total estimated theft to $60 million and publicly attributes the attack to the Lazarus Group.

2023-07-26

BleepingComputer and Decrypt publish analyses of the hack; Halborn security firm publishes technical breakdown citing private key compromise as root cause.

2023-08-22

FBI issues official press release attributing the AlphaPo theft to DPRK TraderTraitor-affiliated actors (Lazarus Group / APT38), citing the incident as part of a 2023 campaign exceeding $200 million in stolen cryptocurrency.

2023-08-23

FBI warns cryptocurrency exchanges that DPRK may attempt to liquidate approximately 1,580 Bitcoin linked to the combined AlphaPo, CoinsPaid, and Atomic Wallet thefts.

2023-11-29

U.S. Treasury OFAC sanctions Sinbad cryptocurrency mixer, the service used to launder AlphaPo proceeds, specifically citing its role in laundering Lazarus Group hack proceeds.