Hundreds of Wallets Drained on EVM Chains With No Root Cause, ZachXBT Warns — $107K Lost So Far and Counting

ccn.comPublicado em 2026-01-02Última atualização em 2026-01-02

Resumo

Blockchain investigator ZachXBT warns of a coordinated attack draining hundreds of crypto wallets across multiple Ethereum Virtual Machine (EVM)-compatible chains, with no confirmed root cause yet identified. The incident has resulted in approximately $107,000 in losses so far, with the total continuing to rise. Each affected wallet lost relatively small amounts, typically under $2,000, suggesting a broad but low-value attack designed to avoid detection. ZachXBT flagged a suspicious address potentially linked to the activity. This follows a separate security incident over the Christmas holiday involving unauthorized withdrawals from self-custody wallets, which Trust Wallet later confirmed was related to its Browser Extension version 2.68. These incidents highlight ongoing security risks in the EVM ecosystem, despite long-term efforts to strengthen network resilience, such as the Ethereum Foundation's "Lean Ethereum" initiative aimed at improving security and scalability.

Hundreds of crypto wallets across multiple Ethereum Virtual Machine (EVM)-compatible chains are being drained in a coordinated attack with no confirmed root cause, according to blockchain investigator ZachXBT.

The wave of attacks has raised renewed concerns over security risks across the Ethereum ecosystem, even as developers continue to explore ways to strengthen the network’s long-term resilience.

Try Our Recommended Crypto Exchanges

XM.com

promotions

Get 100% Bonus up to $100 on your first Deposit.<\/strong>"}' data-trk="68df7fd8872238d510dfbf06" href="https://clicks.pipaffiliates.com/c?c=1104900&l=en&p=1" rel="nofollow" target="_blank"> Get 100% Bonus up to $100 on your first Deposit.

Coins

Claim Offer

"}' data-trk="6899b9831836d97539c51aa6" href="https://www.bitunix.com/" rel="nofollow" target="_blank">

Bitunix<\/h3>"}' data-trk="6899b9831836d97539c51aa6" href="https://www.bitunix.com/" rel="nofollow" target="_blank">

Bitunix

promotions

Receive up to $100,000 worth of exclusive gifts for newcomers upon registration.<\/strong>"}' data-trk="6899b9831836d97539c51aa6" href="https://www.bitunix.com/" rel="nofollow" target="_blank"> Receive up to $100,000 worth of exclusive gifts for newcomers upon registration.

Coins

Claim Offer

"}' data-trk="67adf8d4f12aaec7e4808bf5" href="https://bonus.bitget.com/CCN12" rel="nofollow" target="_blank">

Bitget<\/h3>"}' data-trk="67adf8d4f12aaec7e4808bf5" href="https://bonus.bitget.com/CCN12" rel="nofollow" target="_blank">

Bitget

promotions

Earn rewards worth up to 5,000 USDT on your first deposit<\/strong>"}' data-trk="67adf8d4f12aaec7e4808bf5" href="https://bonus.bitget.com/CCN12" rel="nofollow" target="_blank"> Earn rewards worth up to 5,000 USDT on your first deposit

Coins

Claim Offer

Unknown Hack on EVM Chains

The incident has so far resulted in losses of about $107,000, with the total still increasing, ZachXBT said on Thursday.

Each affected wallet has lost relatively small amounts — typically less than $2,000 — suggesting a broad but low-value attack that may have been designed to avoid early detection.

“It appears hundreds of wallets are currently being drained on various EVM chains for small amounts per victim, with a root cause not yet identified,” ZachXBT said.

He flagged a suspicious address — 0xAc2e5153170278e24667a580baEa056ad8Bf9bFB — as potentially linked to the activity.

No protocol has publicly acknowledged responsibility for the losses, and affected users span multiple blockchains that share Ethereum’s EVM architecture.

Holiday Hacks

The latest EVM chain wallet drains follow a separate security incident reported over the Christmas holiday, when a growing number of users flagged unauthorized withdrawals from self-custody wallets across multiple blockchains.

The issue was first publicly raised on Christmas Day by ZachXBT, who said he had received multiple independent reports from affected users and issued a community alert.

Within hours, the warning spread across Telegram and X, prompting concern among wallet users and security researchers.

“A number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours,” ZachXBT wrote on Telegram.

He added that while the root cause had not yet been determined, the reports closely followed a recent update to the Trust Wallet Chrome browser extension.

ZachXBT cautioned that timing alone did not establish causation.

At the time, no immediate official security advisory had been issued.

Trust Wallet later released a statement confirming a security incident affecting Trust Wallet Browser Extension version 2.68.

“We understand how concerning this is and our team is actively working on the issue,” the company said.

Balancer Exploit

In November, decentralized exchange protocol Balancer suffered one of the largest DeFi exploits of the year, losing nearly $117 million after attackers drained multiple liquidity pools in rapid succession.

On-chain data showed the stolen tokens were quickly consolidated into a newly created wallet controlled by the attacker.

The Balancer hack’s stolen assets. Source: Lookonchain

Balancer later confirmed the breach stemmed from a faulty access control check in its V2 smart contracts.

The flaw allowed an attacker to bypass permission checks by supplying a malicious op.sender parameter, enabling unauthorized withdrawals from internal balances.

The exploit primarily affected older Balancer V2 pools, including those holding staked ether derivatives, and may have exposed more than $60 million in downstream protocols that relied on the same code.

Researchers Long-term Security

The latest incidents highlight ongoing security risks across the EVM ecosystem, even as Ethereum researchers outline long-term plans to harden execution.

In August, Ethereum Foundation researcher Justin Drake detailed an initiative known as “Lean Ethereum,” a proposal aimed at making the network faster and more secure.

“Ethereum is unique,” Drake wrote in a series of blog posts, citing the network’s uninterrupted uptime since launch and the scale of economic security secured by staked ether.

“Lean Ethereum is more than a blueprint for hardening and scaling Ethereum,” he wrote.

“More than just doubling down on security, decentralization, and cutting-edge cryptography. It is an aesthetic,” Drake writes.

Drake has argued that while quantum computers cannot yet break blockchain cryptography, advances over the coming decade could pose risks if networks fail to prepare.

His proposal includes new cryptographic techniques designed to make Ethereum quantum-resistant while also improving scalability.

Under the proposal, Ethereum’s main execution layer could eventually handle around 10,000 transactions per second.

Drake has suggested that real-time zero-knowledge virtual machines and advanced data availability techniques could play a central role.

Top Picks for Ethereum

Best Exchanges for Ethereum Get A Great Offer When You Join These Exchanges
Buy Ethereum Fast & Easy How To Buy Ethereum With a Credit Card Now
Best Online Casinos for Ethereum See Our Picks for the Best Crypto Gambling Sites

Perguntas relacionadas

QWhat is the estimated total loss from the coordinated attack on EVM-compatible chains as reported by ZachXBT?

AThe estimated total loss is about $107,000, and the amount is still increasing.

QWhat is the suspected address linked to the wallet draining activity on EVM chains?

AThe suspicious address flagged by ZachXBT is 0xAc2e5153170278e24667a580baEa056ad8Bf9bFB.

QWhich wallet extension was implicated in a separate security incident over the Christmas holiday?

AThe Trust Wallet Browser Extension, specifically version 2.68, was implicated in a security incident over the Christmas holiday.

QWhat was the root cause of the Balancer exploit that occurred in November?

AThe Balancer exploit was caused by a faulty access control check in its V2 smart contracts, allowing an attacker to bypass permission checks with a malicious op.sender parameter.

QWhat is the name of the Ethereum Foundation researcher's initiative aimed at making the network more secure and scalable?

AThe initiative is called 'Lean Ethereum,' proposed by Ethereum Foundation researcher Justin Drake to harden security and improve scalability.

Leituras Relacionadas

BTC Market Pulse: Week 26

Bitcoin's market activity has cooled as it consolidates after a strong recovery. Spot trading volume has decreased, and order flow has shifted to net selling. While price momentum remains constructive, institutional demand has softened, evidenced by continued net outflows from US spot ETFs and lower on-chain transfer volumes. Derivatives markets show a cautious stance. Futures open interest is stable, but declining perpetual buying pressure and a rise in demand for downside protection indicate a more defensive trader posture. Beneath the surface, supply dynamics remain supportive. Supply is increasingly held by long-term holders, profitability is high, and realized gains are increasing. A slight rise in active short-term capital could lead to higher volatility. Overall, Bitcoin is range-bound. Fading momentum and moderated participation are balanced by resilient holder behavior, stable futures positioning, and healthy profitability, creating a foundation that awaits the next major market catalyst.

insights.glassnodeHá 5h

insights.glassnodeHá 5h

Infamous MEV Bot JaredFromSubway Drained For $7.5 Million

The notorious Ethereum MEV bot "JaredFromSubway" has been drained of approximately $7.5 million after attackers tricked its automated system. Security firm Blockaid reported that the bot was deceived into approving malicious trading routes by attacker-controlled contracts. These approvals were then used to siphon WETH, USDC, and USDT from the bot's contract. The incident is ironic as MEV bots are designed to exploit minute market advantages, but in this case, its own automation became the vulnerability. The attack specifically targeted the bot's trading logic, not the Ethereum protocol or a broader DeFi application. It underscores a critical risk in automated trading: the pursuit of speed can create fragility, making systems susceptible to carefully crafted traps. While the financial loss is significant, the broader impact is reputational for MEV infrastructure. It serves as a warning that automated systems granting token approvals require stringent safeguards, simulation, and route verification. The event is considered a targeted exploit on a trading bot, not a network-wide security issue.

bitcoinistHá 7h

Infamous MEV Bot JaredFromSubway Drained For $7.5 Million

bitcoinistHá 7h

Report Interpretation: J.P. Morgan Details Micron's Pre-Earnings Sentiment, Current Hardware Sector Dynamics

Morgan Stanley analyst Joshua Meyers' report (June 21, 2026) highlights key trends in the hardware and semiconductor sector ahead of Micron's earnings. The core takeaways are: 1. **Micron & Memory:** Memory remains a high-conviction long theme, driven by strong AI demand and rising ASPs. However, investor focus is shifting to the sustainability of Micron's >80% gross margins and the specifics of potential new long-term supply agreements (SCAs). 2. **Hardware Supply Chain:** AI-related demand for servers, networking, and storage remains robust, but company performance is diverging. Celestica (CLS) shows improved margin confidence, Western Digital and Seagate benefit from pricing, Fabrinet (FN) sees predictable AI optics growth, and Teradyne (TER) anticipates a new Google customer. 3. **AI Capex & WFE Forecasts:** JPMorgan increased its Wafer Fab Equipment (WFE) market growth forecasts to 28% in 2026 and 29% in 2027. AI infrastructure financing is evolving, with higher project-level debt reducing constraints on capex expansion. The report signals that while the AI-driven hardware cycle is strong, the market is entering a phase focused on execution verification (e.g., Micron's SCA details, Fabrinet's ramp with Amazon) and valuation sustainability. Key near-term signals include Micron's guidance, Arista Networks' outlook, and the pace of demand normalization post potential tariff-related pull-ins.

marsbitHá 8h

Report Interpretation: J.P. Morgan Details Micron's Pre-Earnings Sentiment, Current Hardware Sector Dynamics

marsbitHá 8h

Research Report Analysis: The Fed's New Chair's Debut – New Leader, But Same Script?

Report Analysis: Federal Reserve's New Chair Debut – A New Captain, But the Same Script? Morgan Stanley's chief global economist Seth B. Carpenter analyzes the first FOMC meeting under new Fed Chair Kevin Warsh in a June 21 report. Warsh deliberately avoided providing forward guidance on interest rates, aligning with his philosophy. However, market expectations for a rate hike this year were reinforced. Key signals lie elsewhere: inflation may fall more than expected, and quantitative tightening (QT) could be more aggressive than anticipated. The FOMC's "dot plot" suggests only one rate hike in 2026. Carpenter argues that if inflation undershoots forecasts, the logic for even a single hike weakens, especially as projections indicate potential rate cuts in 2027. On QT, Warsh's stance is clear. Carpenter notes that measures like halving the Treasury's account balance could shrink the Fed's balance sheet by around $500 billion with minimal market impact. Combined with adjustments to reserve interest and liquidity rules, the ultimate QT scale may exceed expectations, though its market effect might be less disruptive unless the Fed actively sells Mortgage-Backed Securities (MBS). While Warsh initiated a review of the Fed's policy framework, the 2% inflation target remains intact for now. The report concludes that the market may be overestimating the significance of reduced forward guidance and the near-term rate hike risk, while potentially underestimating the scope and manageable nature of the coming balance sheet reduction. The key debates will hinge on upcoming core PCE data, the specifics of the QT path, and the framework review's findings.

marsbitHá 8h

Research Report Analysis: The Fed's New Chair's Debut – New Leader, But Same Script?

marsbitHá 8h

Critical Game Week: BTC Retracement Confirmation vs. HYPE Support Battle | Guest Analysis

This weekly analysis outlines a critical juncture for BTC and HYPE markets, focusing on key price level confirmations. **BTC Analysis:** BTC is at a pivotal point after a five-wave rally from the June 5th low of $59,100. The price has broken below a short-term rising channel's lower boundary, with the current move seen as a pullback to test this breakdown. Failure to reclaim this level could lead to a retest of the $59,000-$60,000 support zone. The core scenario hinges on this channel retest outcome. * **Key Levels:** Resistance at $64,500-$65,000 (channel boundary) and $69,500-$70,500. Support at $59,000-$60,000 and $55,000. * **Strategy:** A core bearish stance is maintained (20% short from last week), with short-term plans for tactical trades. Three detailed contingency plans (A/B/C) are provided for short positions on resistance tests or breakdowns, emphasizing strict stop-loss discipline. **HYPE Analysis:** HYPE shows strong momentum but is currently in a corrective phase after hitting a new high of $76.94. The price is retesting the crucial $64-$66 support area. * **Key Levels:** Resistance near $77 and $80-$82. Support at $64-$66 and $52-$54. * **Strategy:** The short-term approach is "buy on dips, avoid chasing rallies." A long position is considered only if clear stabilization signals appear at the $64-$66 or deeper $52-$54 support zones, with tight risk controls. **General Risk Management:** A standardized trailing stop-loss protocol is emphasized: set initial stop, breakeven at +1% profit, then trail stops upward to lock in gains. *Disclaimer: All analysis is presented as a personal trading framework, not investment advice. Market conditions are complex and require dynamic adjustment.*

marsbitHá 8h