A crypto holder misplaced over $282 million in Bitcoin and Litecoin on January 10 via a {hardware} pockets social engineering rip-off, in line with blockchain investigator ZachXBT.
Abstract
- A single crypto holder misplaced over $282M in Bitcoin and Litecoin in a {hardware} pockets rip-off.
- Stolen funds had been laundered by way of Thorchain and transformed into Monero, spiking XMR worth.
- ZachXBT linked the theft to a wider January wallet-draining marketing campaign throughout chains.
The theft occurred round 11 pm UTC and is without doubt one of the largest particular person crypto heists of 2026.
The attacker instantly started laundering stolen property via a number of instantaneous exchanges, changing LTC and BTC into Monero.
The large conversion quantity triggered Monero (XMR) worth to sharply enhance because the attacker processed tons of of hundreds of thousands in stolen funds.
Bitcoin (BTC) was additionally bridged to Ethereum (ETH), Ripple (XRP), and Litecoin (LTC) networks by way of Thorchain to obscure the path.
Attacker exploits {hardware} pockets belief to loot Bitcoin
{Hardware} wallets are thought of among the many most safe strategies for storing cryptocurrency since non-public keys by no means depart the bodily system.
Social engineering assaults bypass this safety by manipulating victims into voluntarily compromising their very own wallets.
The precise social engineering methodology used within the $282 million theft stays unclear. Frequent {hardware} pockets scams embody phishing web sites that seize seed phrases, faux buyer help impersonating official pockets firms, or malicious firmware replace prompts.
ZachXBT’s investigation tracked the stolen funds throughout a number of blockchains and exchanges. The Thorchain bridging exercise distributed stolen Bitcoin throughout Ethereum, Ripple, and Litecoin networks.
A whole bunch of wallets drained in assault wave
The $282 million theft is the most important single sufferer in a broader assault marketing campaign concentrating on cryptocurrency wallets throughout EVM-compatible chains. ZachXBT reported tons of of wallets being drained in early January via ongoing assaults.
The broader marketing campaign focused quite a few wallets for smaller quantities, with particular person losses usually below $2,000 per sufferer. Whereas every theft stays modest, cumulative losses elevated because the assault continued.
December 2025 noticed roughly 26 main crypto exploits leading to $76 million in complete losses, in line with blockchain safety agency PeckShield. The determine is a 60% decline from November’s $194.27 million in exploit losses.
January’s early information signifies exploit exercise could also be rebounding with the $282 million {hardware} pockets theft and ongoing pockets draining marketing campaign.
{Hardware} pockets producers haven’t issued warnings about particular social engineering campaigns.
Customers ought to confirm all communication claiming to be from pockets firms via official channels and by no means enter seed phrases into web sites.
