Crypto User Loses $282M In Social Engineering Attack — Details

bitcoinistPublicado a 2026-01-18Actualizado a 2026-01-18

Resumen

A crypto user suffered one of the largest social engineering attacks in history, losing over $282 million in Bitcoin and Litecoin on January 10, 2026. The victim was tricked into sharing their seed phrase, allowing the attacker to drain their hardware wallet. The exploiter quickly moved the funds across multiple networks, converting a significant portion into Monero (XMR), causing its price to surge to nearly $800. The stolen assets were also bridged via THORChain, reigniting debates on censorship-resistant cross-chain protocols. While some suspected state involvement, investigators ruled out North Korea. Security firm ZeroShadow confirmed the attacker impersonated Trezor support and managed to freeze around $700,000 in assets. The incident highlights ongoing vulnerabilities in the digital asset space.

2026 got off to a disastrous start for one crypto user, who fell victim to one of the largest social engineering attacks in digital asset history, losing over $282 million in Bitcoin and Litecoin.

How Crypto User Fell Victim To $282M Theft

According to prominent blockchain sleuth ZachXBT, the crypto theft occurred on January 10, 2026 at around 11:00 pm UTC. Around 2.05 million Litecoin (worth roughly $153 million) and 1,459 Bitcoin (equivalent to around $139 million) was drained from the victim’s hardware wallet after they were tricked into sharing their seed phrase.

The exploiter swiftly transferred the funds across multiple networks to obscure the trail after gaining full control of the crypto wallet. As revealed by ZachXBT, the attacker first began converting the stolen crypto assets into Monero’s native token, XMR, through multiple instant exchanges, leading to a surge in the price of XMR.

Furthermore, the exploiter bridged significant amounts of the stolen Bitcoin across Ethereum, Ripple, and Litecoin through THORChain, a decentralized cross-chain platform that enables users to swap crypto assets between different blockchain networks. Unsurprisingly, this move reignited the debate around the use — or abuse — of censorship-resistant cross-chain protocols, especially during security breaches.

After the news of the attack made it to social media, conversations around the entity or persons behind $282 million theft started, with many linking it to a state-sponsored hacking group. However, ZachXBT categorically stated that “it’s not North Korea,” potentially exonerating the infamous state-backed Lazarus Group.

Source: @zachxbt on X

In a post on LinkedIn, security firm ZeroShadow described the victim as a Bitcoin wallet “belonging to an individual who had been tricked into sharing their seed phrase by an actor impersonating Trezor ‘Value Wallet’ support.” The firm claimed that it was able to track and flag parts of the stolen funds in real time after being alerted by blockchain monitoring teams.

According to ZeroShadow, roughly $700,000 worth of crypto assets were reportedly frozen before they could be fully swapped into privacy-focused assets. This latest incident sheds light on how the digital asset industry is still being targeted by malicious actors.

XMR Price Rallies To New High Following Security Incident

As described by ZachXBT, the attacker, after gaining control of the victim’s wallet, began converting the stolen crypto assets into Monero’s native token, XMR, through several exchanges. In the background, this activity pushed the price of the privacy-focused XMR to a new all-time high around $800 over the past week.

According to data from CoinGecko, the XMR token rallied almost 80% to $797.73 from a weekly low around $450 following the crypto theft. As of this writing, XMR is valued at around $588, reflecting a nearly 25% drop in the past few days.

The price of XMR on the daily timeframe | Source: XMRUSDT chart on TradingView

Preguntas relacionadas

QWhat was the crypto user tricked into sharing that led to the loss of $282 million?

AThe crypto user was tricked into sharing their seed phrase by an actor impersonating Trezor 'Value Wallet' support.

QAccording to ZachXBT, which privacy-focused cryptocurrency did the attacker convert the stolen funds into, causing its price to rally?

AThe attacker converted the stolen funds into Monero's native token, XMR.

QWhat decentralized cross-chain platform did the exploiter use to bridge the stolen Bitcoin across different blockchain networks?

AThe exploiter used THORChain, a decentralized cross-chain platform, to bridge the stolen Bitcoin.

QHow much of the stolen crypto assets were reportedly frozen before they could be fully swapped into privacy-focused assets?

ARoughly $700,000 worth of crypto assets were reportedly frozen.

QWhat was the new all-time high price that XMR reached following the security incident, according to the article?

AXMR reached a new all-time high of around $800 following the security incident.

Lecturas Relacionadas

When Doing Cryptocurrency Payment, the First Thing is Licenses, What is the Second?

When launching a crypto payment business, obtaining the necessary licenses is the crucial first step. However, the second, and arguably more critical, step is designing a comprehensive operational framework that forms a coherent business loop. This loop must be clearly understood and executable by all stakeholders: banks, payment partners, exchanges, on-chain analytics providers, regulators, and your internal team. Many projects mistakenly believe a single license permits all operations. Licenses merely grant entry; they don't define how the specific business functions. The real challenge lies in detailing every aspect of the workflow. This involves clarifying the customer base, the flow of fiat and crypto assets, the settlement process, and establishing clear lines of responsibility for risks like AML compliance, sanctions screening, chargebacks, and regulatory inquiries. A robust framework must answer seven core questions: Who are the clients and merchants? Who collects fiat and crypto? Who handles conversion and custody? And who is ultimately accountable for compliance and risk management? Projects often fail not from a lack of licensing, but during due diligence when they cannot convincingly explain these operational details. Therefore, beyond securing licenses, the priority must be constructing a closed-loop system. This system ensures the business model is transparent, risks are managed, responsibilities are delineated, contracts are aligned, and the entire process is comprehensible to partners and regulators. The true competitive edge in crypto payments lies not in acquiring a license quickly, but in integrating licensing, banking, compliance, and operations into a sustainable and executable whole.

marsbitHace 32 min(s)

When Doing Cryptocurrency Payment, the First Thing is Licenses, What is the Second?

marsbitHace 32 min(s)

Arthur Hayes Analysis: AI Bubble Nears Burst, Crypto Market Faces Short-Term Pressure

Arthur Hayes argues that the current AI market is a bubble poised to burst, which will exert downward pressure on the crypto market in the near term. The core trigger is rising oil prices due to the US-Iran conflict and a blockade of the Strait of Hormuz. Higher energy costs directly increase the operational expenses of AI data centers, squeezing profit margins for companies like Google, Anthropic, and OpenAI. Hayes predicts that persistent inflation from high oil prices will force Trump, in a bid to win the November election, to turn public sentiment against the AI industry. He may propose regulations and taxes on data centers and AI companies to appeal to voters concerned about costs and job displacement. Such political rhetoric could shatter market confidence. Furthermore, the market is unlikely to healthily absorb the massive concurrent IPOs of SpaceX, Anthropic, and OpenAI, which together seek valuations in the trillions. The combination of soaring energy costs, overwhelming equity supply, and negative political pressure will puncture the AI bubble. Hayes notes that nearly all new USD liquidity since 2022 has flowed into AI, leaving crypto like Bitcoin behind. When the AI bubble bursts, liquidity will contract sharply, pulling down all risk assets, including cryptocurrencies. In response, Hayes's fund, Maelstrom, has sold all AI-related stocks and non-core cryptocurrencies. It maintains core positions in Bitcoin and Ethereum while increasing exposure to energy sector equities, betting on rising oil and gas prices. He expects Bitcoin to bottom after the AI-led market decline, before rallying again with future monetary easing.

Foresight NewsHace 46 min(s)

Arthur Hayes Analysis: AI Bubble Nears Burst, Crypto Market Faces Short-Term Pressure

Foresight NewsHace 46 min(s)

To C, To B, and the Next Big Thing Called To A

After To C and To B, the Next Wave is To A: Serving AI Agents In a recent quarterly earnings call, Meituan's Wang Xing introduced a new concept: To A (To Agent), signifying that future business services will increasingly target AI Agents as primary clients, not just consumers or merchants. This shift implies that internet giants must now consider how to make their services more appealing for AI Agents to recommend, fundamentally altering traditional distribution logic. This "To A era" is prompting an unusual trend of alliances among major tech companies. Unlike previous competitive battles, firms like Meituan, Tencent, JD.com, Huawei, OPPO, and OpenAI are rapidly forming partnerships. The reason is strategic: as AI Agents become the primary user interface, handling tasks from a single command (e.g., "Book a Japanese restaurant for tomorrow"), the risk for platforms is being bypassed entirely. Companies are positioning themselves within this new value chain. Three primary strategies are emerging: 1. **Super-Entry Points + Service Providers:** Platforms like Tencent's Yuanbao, WeChat, and ChatGPT aim to be the first-stop Agent, integrating various services (food delivery, shopping, travel) from partners like Meituan and JD.com. 2. **Apps as Callable Services:** Companies like Meituan, JD.com, and Uber are ensuring their core services remain accessible and callable by external Agents, shifting from front-end apps to back-end capabilities. 3. **System-Level Agent Entry Points:** Smartphone makers (Huawei, Honor, OPPO) are leveraging their OS-level AI assistants to control the initial user command, redistributing it to relevant service apps. While alliances offer mutual benefit—entry points gain service capabilities, and service providers gain traffic—inherent conflicts of interest exist. A dominant Agent platform could eventually attempt to connect directly with suppliers (restaurants, hotels), bypassing current aggregators like Meituan or Ctrip. Other unresolved challenges include the potential for Agent recommendations to become a new form of paid ranking and unclear accountability for faulty recommendations. The current rush to form alliances is a defensive move by service providers to secure their position before the landscape solidifies. In this To A-driven restructuring, the greatest risk is not losing the race but failing to hear the starting gun.

marsbitHace 55 min(s)

To C, To B, and the Next Big Thing Called To A

marsbitHace 55 min(s)

The More Lifelike the Robot, the More Terrifying? Unveiling the 'Uncanny Valley Effect' in the Era of Humanoid Robots

As humanoid robots become increasingly lifelike, they confront a significant psychological barrier known as the "Uncanny Valley Effect," a concept proposed by Japanese roboticist Masahiro Mori in 1970. This phenomenon describes a dip in human comfort and acceptance when robots appear almost, but not perfectly, human. Minor imperfections in facial expressions, eye movements, or skin texture trigger a subconscious sense of unease, as the brain detects something trying, yet failing, to mimic a person. Examples range from the controversial human-like robot Sophia to animated characters in films like *The Polar Express*. The effect poses a key design challenge for robotics companies. Some, like Boston Dynamics, avoid it entirely by creating highly capable but visibly mechanical robots. Others, like Hanson Robotics, push for greater human likeness despite the risk. For consumer robots, especially in homes, most manufacturers opt for stylized or clearly mechanical designs to ensure broader acceptance. While the Uncanny Valley remains a powerful force, its impact may diminish over time through technological advancements that achieve near-perfect realism or through generational familiarity as people grow accustomed to interacting with humanoid machines. Ultimately, navigating this psychological frontier requires as much understanding of human perception as of robotics technology itself.

marsbitHace 56 min(s)

The More Lifelike the Robot, the More Terrifying? Unveiling the 'Uncanny Valley Effect' in the Era of Humanoid Robots

marsbitHace 56 min(s)

Over $31 Million Stolen from Humanity, Is the Team Behind It Paving the Way for a New Project?

The article reports a major security incident involving Humanity Protocol (H), resulting in over $31 million stolen. The team attributes the hack to a private key leak from a Humanity Foundation member, leading to a rapid sale of H tokens and a 90% price drop. However, prominent on-chain investigator ZachXBT suggests the event might be an "exit scam" orchestrated by the team, rather than an external hack. This suspicion is fueled by the team's controversial history, including past management failures, legal issues, and previous scandals like outsourced technology and problematic airdrops. Further investigation reveals that the core team behind Humanity is already involved with a new project called "Everything," which recently secured funding. This has led to community speculation that the alleged hack is a deliberate scheme to abandon the H project while shifting focus and resources to their new venture, leaving investors to bear the losses. The article questions whether this is a genuine security failure or a premeditated "rug pull" strategy.

Odaily星球日报Hace 2 hora(s)

Over $31 Million Stolen from Humanity, Is the Team Behind It Paving the Way for a New Project?

Odaily星球日报Hace 2 hora(s)

Trading

Spot

Futuros

Artículos destacados

Cómo comprar ONE

¡Bienvenido a HTX.com! Hemos hecho que comprar Harmony (ONE) sea simple y conveniente. Sigue nuestra guía paso a paso para iniciar tu viaje de criptos.Paso 1: crea tu cuenta HTXUtiliza tu correo electrónico o número de teléfono para registrarte y obtener una cuenta gratuita en HTX. Experimenta un proceso de registro sin complicaciones y desbloquea todas las funciones.Obtener mi cuentaPaso 2: ve a Comprar cripto y elige tu método de pagoTarjeta de crédito/débito: usa tu Visa o Mastercard para comprar Harmony (ONE) al instante.Saldo: utiliza fondos del saldo de tu cuenta HTX para tradear sin problemas.Terceros: hemos agregado métodos de pago populares como Google Pay y Apple Pay para mejorar la comodidad.P2P: tradear directamente con otros usuarios en HTX.Over-the-Counter (OTC): ofrecemos servicios personalizados y tipos de cambio competitivos para los traders.Paso 3: guarda tu Harmony (ONE)Después de comprar tu Harmony (ONE), guárdalo en tu cuenta HTX. Alternativamente, puedes enviarlo a otro lugar mediante transferencia blockchain o utilizarlo para tradear otras criptomonedas.Paso 4: tradear Harmony (ONE)Tradear fácilmente con Harmony (ONE) en HTX's mercado spot. Simplemente accede a tu cuenta, selecciona tu par de trading, ejecuta tus trades y monitorea en tiempo real. Ofrecemos una experiencia fácil de usar tanto para principiantes como para traders experimentados.

282 Vistas totalesPublicado en 2024.12.12Actualizado en 2026.06.02

Discusiones

Bienvenido a la comunidad de HTX. Aquí puedes mantenerte informado sobre los últimos desarrollos de la plataforma y acceder a análisis profesionales del mercado. A continuación se presentan las opiniones de los usuarios sobre el precio de ONE (ONE).