Blockchain detective ZachXBT reveals that a coin holder experienced a suspected hardware wallet social engineering attack in mid-January, losing over $282 million worth of Litecoin and Bitcoin in one go.
(Background: TrueBit protocol suspected hacking! 8,535 ETH transferred abnormally, $TRU instantly cut in half)
(Additional context: North Korean hackers set a record in 2025 by stealing $2.02 billion in cryptocurrency, with a money laundering cycle of about 45 days)
Independent on-chain investigator ZachXBT pointed out that around 11:00 PM UTC on January 10, a large-scale crypto asset theft occurred. A victim was suspected of falling for a social engineering scam related to hardware wallets, losing over $282 million worth of Litecoin (LTC) and Bitcoin (BTC).
Based on on-chain information compiled by the investigator, after the assets were stolen the attacker began converting large amounts of LTC and BTC into Monero (XMR) through multiple “instant exchange” services, causing the XMR price to spike significantly in a short period.
Meanwhile, some of the Bitcoin was moved across chains via THORChain to networks such as Ethereum, Ripple, and Litecoin, making the funds harder to trace.
The theft addresses exposed in this incident, which involve approximately 2.05 million LTC and 1,459 BTC, are marked as:
BTC: bc1qluxw46r55wf3dnk9c652vrt4duadm3hpuktf86
BTC: bc1qpsmh26ja0fzzf286zulmt9eywujc2pggj40wzm
LTC: ltc1qly43c2prj4c2e85dcspzpjd36jnapnenldnr70
This event demonstrates that even with hardware wallets, which are considered relatively secure self-custody tools, large holdings can still be transferred and laundered quickly if the owner is targeted by sophisticated social engineering during authentication, private key management, or customer support processes. Privacy coins and cross-chain mechanisms further enhance the attacker's anonymity.
For professional and institutional investors, relying solely on “cold wallets” is no longer sufficient. Designing stricter manual procedures and permission controls will be a key focus in subsequent discussions of such incidents.
On-Chain Detective ZachXBT: A certain wallet was stolen through "social engineering attack" involving $282 million worth of BTC and LTC