Cryptocurrency users lost $282 million worth of Bitcoin and Litecoin in one of the largest social engineering attacks ever recorded in the cryptocurrency space.
According to blockchain researcher ZachXBT, the theft occurred on January 10, 2026 at approximately 11:00 pm UTC, and the victim was tricked into revealing the seed phrase linked to the hardware wallet. The attackers took complete control of the wallet and rapidly moved funds across multiple networks to cover their tracks.
According to ZachXBT, 2.05 million Litecoin (LTC), currently worth $153 million, and 1,459 Bitcoin (BTC), currently worth approximately $139 million, were leaked. Attackers soon began converting the stolen assets into Monero (XMR) through several instant exchange services, and the price of XMR also skyrocketed.
In parallel, a large portion of Bitcoin was bridged between Ethereum (ETH), Ripple (XRP), and Litecoin using THORChain, allowing attackers to move value between blockchains without relying on centralized exchanges. This activity has reignited debate about how decentralized cross-chain infrastructure can be exploited during large-scale thefts.
Related: Truebit exploit exposes smart contract flaws behind $26 million token issuance
$700,000 in stolen funds frozen
In a Friday post on LinkedIn, security firm ZeroShadow said it was able to track and flag some of the stolen flows in real time following alerts from its blockchain monitoring team. Within about 20 minutes, about $700,000 worth of funds were reportedly frozen before being fully converted into privacy-focused assets.
ZeroShadow claimed to have identified the victim as a Bitcoin address “belonging to an individual who was tricked into sharing a seed phrase by an attacker impersonating Trezor’s ‘value wallet’ support.”
ZachXBT also denied claims that the attack could be linked to state-sponsored hacking groups. “It’s not North Korea,” he wrote.
Related: The hidden risks of public WiFi: How a single authorization wiped out your cryptocurrency wallet
Elderly US Bitcoin holder loses $330 million
Last year, senior citizens in the United States reportedly fell victim to $330 million worth of Bitcoin theft in another large-scale social engineering scam. According to blockchain data, the victim held over 3,000 BTC since 2017 with little activity.
After the funds were moved, the attackers used Peel Chain and multiple instant exchanges to rapidly launder the Bitcoin, eventually converting much of the stolen BTC to Monero to obscure their trace.
magazine: How will cryptocurrency law change in 2025 and how will it change in 2026?
