Hundreds of crypto wallets across multiple Ethereum Virtual Machine (EVM)-compatible chains are being drained in a coordinated attack with no confirmed root cause, according to blockchain investigator ZachXBT.
The wave of attacks has raised renewed concerns over security risks across the Ethereum ecosystem, even as developers continue to explore ways to strengthen the network’s long-term resilience.
XM.com
Bitunix
Bitget
Unknown Hack on EVM Chains
The incident has so far resulted in losses of about $107,000, with the total still increasing, ZachXBT said on Thursday.
Each affected wallet has lost relatively small amounts — typically less than $2,000 — suggesting a broad but low-value attack that may have been designed to avoid early detection.
“It appears hundreds of wallets are currently being drained on various EVM chains for small amounts per victim, with a root cause not yet identified,” ZachXBT said.
He flagged a suspicious address — 0xAc2e5153170278e24667a580baEa056ad8Bf9bFB — as potentially linked to the activity.
No protocol has publicly acknowledged responsibility for the losses, and affected users span multiple blockchains that share Ethereum’s EVM architecture.
Holiday Hacks
The latest EVM chain wallet drains follow a separate security incident reported over the Christmas holiday, when a growing number of users flagged unauthorized withdrawals from self-custody wallets across multiple blockchains.
The issue was first publicly raised on Christmas Day by ZachXBT, who said he had received multiple independent reports from affected users and issued a community alert.
Within hours, the warning spread across Telegram and X, prompting concern among wallet users and security researchers.
“A number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours,” ZachXBT wrote on Telegram.
He added that while the root cause had not yet been determined, the reports closely followed a recent update to the Trust Wallet Chrome browser extension.
ZachXBT cautioned that timing alone did not establish causation.
At the time, no immediate official security advisory had been issued.
Trust Wallet later released a statement confirming a security incident affecting Trust Wallet Browser Extension version 2.68.
“We understand how concerning this is and our team is actively working on the issue,” the company said.
Balancer Exploit
In November, decentralized exchange protocol Balancer suffered one of the largest DeFi exploits of the year, losing nearly $117 million after attackers drained multiple liquidity pools in rapid succession.
On-chain data showed the stolen tokens were quickly consolidated into a newly created wallet controlled by the attacker.
Balancer later confirmed the breach stemmed from a faulty access control check in its V2 smart contracts.
The flaw allowed an attacker to bypass permission checks by supplying a malicious op.sender parameter, enabling unauthorized withdrawals from internal balances.
The exploit primarily affected older Balancer V2 pools, including those holding staked ether derivatives, and may have exposed more than $60 million in downstream protocols that relied on the same code.
Researchers Long-term Security
The latest incidents highlight ongoing security risks across the EVM ecosystem, even as Ethereum researchers outline long-term plans to harden execution.
In August, Ethereum Foundation researcher Justin Drake detailed an initiative known as “Lean Ethereum,” a proposal aimed at making the network faster and more secure.
“Ethereum is unique,” Drake wrote in a series of blog posts, citing the network’s uninterrupted uptime since launch and the scale of economic security secured by staked ether.
“Lean Ethereum is more than a blueprint for hardening and scaling Ethereum,” he wrote.
“More than just doubling down on security, decentralization, and cutting-edge cryptography. It is an aesthetic,” Drake writes.
Drake has argued that while quantum computers cannot yet break blockchain cryptography, advances over the coming decade could pose risks if networks fail to prepare.
His proposal includes new cryptographic techniques designed to make Ethereum quantum-resistant while also improving scalability.
Under the proposal, Ethereum’s main execution layer could eventually handle around 10,000 transactions per second.
Drake has suggested that real-time zero-knowledge virtual machines and advanced data availability techniques could play a central role.
