Provider of limitless and instant payments AlphaPo has been allegedly hacked, resulting in the loss of the equivalent of $31m worth of cryptocurrency.
The attack may have allowed the illicit parties to gain access to as much as $100m with no confirmation as to the exact extent of the incident just yet. A recent report by Twitter (now X) account handle ZachXBT has pinned the amount missing to more than $60m.
The platform handles cryptocurrency payments for a number of prominent gaming operators, and reportedly brands such as Ignition and Bovada may be amongst the impacted parties.
Neither has confirmed nor denied the speculation, but both websites continue to operate business as usual with no reported disruption in withdrawals, which is a good sign for users and their funds.
The AlphaPo attack was first flagged by the company’s own security team on July 22 and triggered a response from the platform’s experts. According to AlphaPo, the hackers were able to access cryptocurrency assets denominated in Bitcoin, Ethereum, and Tron.
HypeDrop, however, a company that deals in mystery boxes powered by the blockchain, has reported problems resulting from the alleged attack on AlphaPo. A temporary disruption of service was experienced by AlphaPo clients, but the company has confirmed that its withdrawal processes are back and working.
The incident highlights two security risks that run hand-in-hand with dealing in large numbers of cryptocurrency. First, there is the fact that AlphaPo had too much money in its hot wallet or did not adequately proof its hot wallet against attacks.
Secondly, the number of incidents involving criminals targeting crypto companies storing large amounts of consumer funds have continued to increase.
Platforms have become vulnerable time and again to attacks from such illicit parties, but this is one of the first times that a company that has ties to the gambling industry has suffered an attack on a such scale.
In a similar incident this week, Solcasino.io notified users that the platform’s payment partner has been compromised, asking of players to not use any of their previous deposit addresses.
Although the Solanacasino.io statement did not confirm that its payment partner was AlphaPo specifically, the similarities of the problem and the timing of the incident fit. So far, no other gambling operator seems to have publicly confirmed a related incident.