Alpha Capital claims it got “hacked” and lost 90% of all investors' funds

I didn't read any news or posts about this, so here is another story on how users/investors lost their funds in another crypto “project”.

Alpha Capital (dot) app is the website; it can be found on Google very easily, but here is a copy of it: Archive.org page. As you can see, these guys offered more or less 1,15% daily on BUSD, BNB, MATIC and USDC staked on their website through MetaMask or other similar wallets.

They launched the project 50 days ago, and during that time the fund rose to 2 million dollars in cryptocurrencies. They were supposed to stop at 2M and then go compounding only, but 3 days ago they raised the limit to 5M. People could withdraw anytime, but if the withdrawal was made before 31 days since the deposit you would lose the interest amount. There was a 5% fee on every deposit.

BNB contract on BSC chain: 0xe4018566D1A3178B3b664D0406215096b7a2533B

BUSD contract on BSC chain: 0x95b5dC0B8bd219Cb85181c35e84968E900eF497

MATIC contract on Polygon chain: 0x95b5dC0B8bd219Cb85181c35e84968E900eF4971

USDC contract on Polygon chain: 0x5b7B9B51D2526E832A4D2A6603b1AdCf6Bd8d841

Now, as stated on the website, they had a wallet for an “insurance fund”, where they were putting a % of the gains and of the deposits. They claim that, while attempting to create an API on their new website for the insurance fund, a hacker managed to get through the FTP of the site, steal their seeds and get access to the fund (now this is what I understood reading the posts from the team). The “hacker” then drained all the contracts and the insurance fund as well. The team managed to save more or less 250k$ in crypto, more or less 10% of the total amount. The team is still deciding what to do with the amount and will post an official answer on the TG channel.

While the rug was pulled, a few users managed to withdraw their sums or part of them because other users, unaware of the situation, were depositing funds. After the funds were completely depleted, if users hit the button “withdraw” they will trigger a transaction but no funds will be received. Nonetheless, their “staked” amount will not be shown in the dashboard of the website because it will automatically think that funds have been withdrawn successfully.

On the 16th of January 2023, the “team members” refunded around 10% of the investors' money, in USDC via MATIC.

A lot of you fellow redditors will, of course, point out that the ≈ 1,15% daily return on the investment was absolutely unsustainable and a big huge red flag. However, the guys from the team also posted in their Telegram some “trades” with even some videos recording their Binance account, so a lot of people trusted them.

Another important thing to underline is that they advertised the company through some “official” websites, such as these:

Markets Insider – Wallstreet Online – Yahoo Finance – AP news – Market Watch – PR Newswire – Seeking Alpha – Benzinga

I can understand that these are “paid articles” for sure, but the fact is concerning and some of those are BIG websites.

I am not here to tell you if it was a rugpull, if the team was really hacked or if it was an inside job. I am here to try to warn people about these kinds of things. If I manage to warn at least a single person and keep him from investing in some future scam, it could be a good thing IMHO.

At the beginning, while I was just a reader of this subreddit, I thought that some of you were “overly anxious”. After being scammed out of a lot of money on other platforms, I will never again tire of saying, writing and reading:

Not Your Keys, Not Your Coins

If it sounds too good to be true, it probably is.

Cold storage is the only safe method for holding.

Invest only what you can afford to lose (and not in crazy projects with huge red flags).

Part 2

This was following the first message:

A hacker compromised the new server we have just set up for automatic insurance fund withdrawals and profit injection located at admin.alphacapital.app.

According to the server logs, the hacker breached the FTP service running on the server which we have used to upload the code for our infrastructure. The hacker then managed to gain SSH access through the breached FTP service (we are still investigating how he was able to do this). We believe that the hacker then used the server’s whitelisted IP address to drain the Binance account into his wallet, although no proof of such a script was found on the server; the hacker probably deleted all logs and files, but we will try and recover a snapshot of the server to see exactly what he did. Fortunately, Binance’s protection system disabled withdrawals and we managed to save a part of the funds. Unfortunately, it was just a small part.

The server also contained the private key of the address which was withdrawing assets from the contracts and depositing them to Binance. This was in our preparation of integrating it with the bot for automatic deposits, withdrawals and profit injections in case of a bigger position.

We would like you to know that the insurance fund still remains intact and those funds are safe. We have removed every piece of confidential information from the server to prevent any damage going forward. We will come back with another update containing the exact amount of remaining funds and the plan going forward.

Here is the screenshot.

Part 3:

This was the last message on their Telegram, before sending the “refunds”.

UPDATE

I want to start by again saying I am deeply sorry for what happened, we should have never rushed such an important component but were already 2 days late with the insurance fund and profit deposits and people started to ask every hour and like always with the best intentions in mind we chose to do this and were going to release weekly trading reports for even more transparency.

I just want to remind everyone of a few things before talking about the plan going forward because it seems to me that they were all forgotten:

-We provided the most transparent and indisputable trading reports with videos attached, there is no other project that does this. With this we proved that we were really making money

-We turned down multiple people's offers for very large deposits telling them all we don't think it's a good idea, don't want to name them directly but with their permission will do

-We didn't sell any tokens NFTs or other things even though the community asked for it

-We just raised the cap to 5M and could comfortably reach it way faster with more marketing but we chose not to do so in order to be sustainable and grow slowly

-There was no question that went unanswered since the project started and we said nothing that we didn't do in the end

-In the reported amount of funds remaining we also included the fees that we were supposed to get so not only did we not get a single cent out of this project, but we're down more than any individual here

This is a disaster for us too regardless of what anyone believes, and considering all the above points ask yourself how does it make sense to do what we did if we were going to move to a profit share model and we were going to make 200k a month from fees

Going forward first I want to say that we received a lot of DMs with threats and other things and one of the reasons for anger is also that because we said yesterday that you will have 2 options, either stay in or get out, some feel like we're trying to force as many people to keep their money here so we can ask for more later

So what we will do is first refund everyone with the funds that are still available proportional to how much they are owed, and then hopefully we will be able to create a group where we will be able to discuss and see how we can make things right for those who are still interested to explore that option.

Tomorrow we will take the snapshot for refunds, announce the list with amounts so people can signal if they think we got anything wrong; it will include people who withdrew from the contract after the hack and got wrong amounts if anything at all. And then we will send everyone the funds ourselves in one go.

For now we will keep this group like this for announcements since normal conversations can't happen yet at least, but our DMs are open like before.

Thank you

Screenshot here.

Info about the “platform”

Website: https://alphacapital.app/

Email: business@alphacapital.app

Contact:

Constantin Barbu

contact@alphacapital.app

+40752770015

Edit: had to repost the whole post without permalinks cause it was flagged as “spam” by reddit's antispam filter.

Edit 2: I've added on the main post part 2 and 3 of the messages regarding the “hack”, after I posted them in the answers to some users, in the comments. I am also adding the information of the “CEO”, found on the Yahoo Finance article, advertising the platform.


50 thoughts on “Alpha Capital claims it got “hacked” and lost 90% of all investors' funds”

  1. It’s time for some regulations on these “institutions”

    All these guys want to act like financial institutions but don’t want to put in the work to secure it because they know they don’t have to.

    Or they are just the scum of the earth and it’s an inside job.

  2. Unsustainable model rug pulls before going to zero and calls it a hack. Sounds like a classic crypto scam story.

  3. We are going to need some “proof of hacking” thing at this point. How can there be so much hacking happening all the time, everywhere?

  4. Cryptards are teh smrtest people on earth.

    I can’t laugh enough at these things.

  5. I kinda dislike any investment platforms sharing their information through Telegram.

  6. Bitconnect also promised 1% daily interest. I don’t know what kind of a moron you have to be to give these guys your money.

  7. > They claim that, while attempting to create an API on their new website for the insurance fund, a hacker managed to get through the FTP of the site and steal their seeds and got access to the fund (now this is what I understood reading the posts from the team).

    There is no way any server admin is that stupid.

    • FTP directories are supposed to be in DMZs with low security.
    • Why are they keeping seeds on servers in the first place without layers of encryption?
    • If they’re smart enough to create an API, they shouldn’t be stupid enough to keep a seed on a publicly-accessible FTP server.

    Totally smells like a scam/rug pull

  8. 1%+ a day in a farm with $2-5M TVL is literally max degen, sort of hard to feel sorry, I would assume those who deposited knew what they were signing up for.

  9. 1.15% return daily. Lol. It’s been negativity for the most of the past year. Not thinking there’d be that much new blood lately. You’d think the ones left by now would be people that have been around long enough to avoid degen DeFi

  10. > While the domain was not publicly listed, the hacker somehow found out about its existence.

    Main website:

    alphacapital.app

    Admin subdomain:

    admin.alphacapital.app

    Anyone wanting to look for an admin panel would have easily found it.

    Also, not buying the story at all. So they found the admin panel, big deal. The attacker still needs credentials to get through.

  11. Starting 2023 with a big scandal. Nice, at this rate we’re gonna surpass 2022 with the scams and shitshows.

  12. I call BS on it. Seems to me these companies are taking the easy way out (claiming hack) to steal people’s money.

  13. “and then the hacker somehow found out”…sure. they always do.. those “hackers”…outside and inside…

  14. LOL 1.15% daily LOLOLOL

    Just your casual 6394.546% annual return rate.

    Fuck people are dumb.

  15. I tell my wife monthly that I’ve been hacked so she doesn’t clue on to the fact I’ve doubled my DCA.

  16. Sorry, but people that „invest“ in such projects, kinda deserve it. Those projects give crypto its bad reputation.

  17. What’s the deal with their trading account? Were they claiming that this was where the yield came from?

  18. So they basically had their seed phrase behind an ftp server and it wasn’t encrypted?…. This is for sure an inside job. They set this up so that they could pretend to be hacked. It’s just too stupid.

  19. The contact name is “Constantin Barbu”, lol, this is some Kaiser Soze shit, no way that name is not made up.

  20. At this point I’m feeling more comfortable leaving my stack in a casino with a 5% APY.

  21. Complete fiction. It is a new server… how did the “hacker” even know it was there? Let alone they “breached” the FTP and SSH service? What does that even mean? That doesn’t even make any sense. These services would be on a non-standard port, using both password auth and pubkey auth and the “hacker” would need to know this, and have legitimate credentials.

    Real life isn’t NCIS.
