Audit log

Every state-changing event for AlphaPo: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-19 21:18:06Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 420,849,036

   sig

   2vsEAmwhR2Ku…Q1PQzwbfcopyexplorer ↗

   hash

   67Jtn9mUqBDe…dYMaJxE3copysha256 → base58

   verifying row…full verify ↗

   canonical bytes (7037 B) ▸

   {"actor":"system:backfill","investigation_id":"d4bee666-6fbc-4dfb-a664-5ddafeb35c88","kind":"publish","page_slug":"alphapo","published_at":"2026-05-19T21:18:06.799Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"AlphaPo","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://alphapo.net/"},{"credibility":3,"name":"","type":"other","url":"https://fintelegram.com/coinspaid-crypto-payment-processor-investor-briefing/"},{"credibility":3,"name":"","type":"other","url":"https://stopfrauders.org/unraveling-the-coinspaid-group-and-its-alleged-misconduct-a-closer-look-at-coinspaid-and-alphapo/"},{"credibility":3,"name":"","type":"other","url":"https://www.casino.org/news/gaming-operators-suffer-in-31m-hack-of-cryptocurrency-payments-platform/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/alphapo-payment-provider-hack-estimated-over-60m-on-chain-sleuth"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/alphapo-hot-wallets-hacked-for-over-31-million"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-alphapo-hack-july-2023"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist/"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/241048/alphapo-hot-wallets-drained-for-23-million-hypedrop-disables-withdrawals"},{"credibility":3,"name":"","type":"other","url":"https://www.trmlabs.com/resources/blog/us-treasury-sanctions-north-koreas-preferred-mixer-sinbad"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"credibility":3,"name":"","type":"other","url":"https://therecord.media/north-korea-lazarus-behind-crypto-heists"},{"credibility":3,"name":"","type":"other","url":"https://decrypt.co/150282/north-korean-hacker-cell-lazarus-allegedly-behind-60m-alphapo-hack"},{"credibility":3,"name":"","type":"other","url":"https://techcrunch.com/2023/08/23/fbi-north-korea-lazarus-crypto/"},{"credibility":3,"name":"","type":"other","url":"https://www.cpomagazine.com/cyber-security/crypto-sleuth-attributes-the-alphopo-crypto-theft-to-north-korean-hackers-raises-the-amount-stolen-to-60-million/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.merklescience.com/blog/hack-track-alphapo-flow-of-funds-analysis"},{"credibility":3,"name":"","type":"other","url":"https://www.trmlabs.com/resources/blog/us-treasury-sanctions-north-koreas-preferred-mixer-sinbad"},{"credibility":3,"name":"","type":"other","url":"https://github.com/tayvano/lazarus-bluenoroff-research/blob/main/hacks-and-thefts/alphapo_coinspaid.md"},{"credibility":3,"name":"","type":"other","url":"https://www.elliptic.co/blog/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics"},{"credibility":3,"name":"","type":"other","url":"https://www.scorechain.com/blog/alphapo-hack-now-estimated-at-over-60m"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/241048/alphapo-hot-wallets-drained-for-23-million-hypedrop-disables-withdrawals"},{"credibility":3,"name":"","type":"other","url":"https://www.casino.org/news/gaming-operators-suffer-in-31m-hack-of-cryptocurrency-payments-platform/"},{"credibility":3,"name":"","type":"other","url":"https://www.web3isgoinggreat.com/?id=alphapo-hack"},{"credibility":3,"name":"","type":"other","url":"https://beincrypto.com/alphapo-hot-wallet-hack/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-alphapo-hack-july-2023"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/252081/humans-remain-weakest-link-coinspaid-ceo-lazarus-group-hack"},{"credibility":3,"name":"","type":"other","url":"https://stopfrauders.org/unraveling-the-coinspaid-group-and-its-alleged-misconduct-a-closer-look-at-coinspaid-and-alphapo/"}]}],"sources_used":[],"summary":"AlphaPo is a cryptocurrency payment processor incorporated in Panama and operating primarily in the online gambling sector, serving clients such as HypeDrop, Bovada, and Ignition. On July 22, 2023, attackers drained approximately $60 million in ETH, BTC, and TRX from its hot wallets via a private key compromise, disrupting withdrawals across multiple dependent platforms. On-chain investigator ZachXBT and subsequently the FBI attributed the attack to the DPRK-affiliated Lazarus Group (also designated TraderTraitor and APT38), placing the incident within a broader 2023 North Korean cryptocurrency theft campaign that totaled over $200 million.","timeline":[{"date":"2018-01-01","event":"AlphaPo Solution Inc. established as a cryptocurrency payment gateway, incorporated in Panama, serving online gambling and gaming clients.","source":""},{"date":"2023-07-22","event":"Hot wallets across Ethereum, Tron, and Bitcoin networks drained simultaneously via alleged private key compromise; initial on-chain estimates put losses at approximately $23 million.","source":""},{"date":"2023-07-23","event":"HypeDrop publicly reports inability to process BTC, ETH, and TRX deposits and withdrawals, attributing the disruption to its payment provider AlphaPo. The Block reports the connection.","source":""},{"date":"2023-07-25","event":"ZachXBT identifies an additional $37 million in BTC and TRX transactions linked to the attacker, raising the total estimated theft to $60 million and publicly attributes the attack to the Lazarus Group.","source":""},{"date":"2023-07-26","event":"BleepingComputer and Decrypt publish analyses of the hack; Halborn security firm publishes technical breakdown citing private key compromise as root cause.","source":""},{"date":"2023-08-22","event":"FBI issues official press release attributing the AlphaPo theft to DPRK TraderTraitor-affiliated actors (Lazarus Group / APT38), citing the incident as part of a 2023 campaign exceeding $200 million in stolen cryptocurrency.","source":""},{"date":"2023-08-23","event":"FBI warns cryptocurrency exchanges that DPRK may attempt to liquidate approximately 1,580 Bitcoin linked to the combined AlphaPo, CoinsPaid, and Atomic Wallet thefts.","source":""},{"date":"2023-11-29","event":"U.S. Treasury OFAC sanctions Sinbad cryptocurrency mixer, the service used to launder AlphaPo proceeds, specifically citing its role in laundering Lazarus Group hack proceeds.","source":""}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision f93d9042-ae61-4106-8f52-d0fb0e62f0cecopy