Crypto investigator ZachXBT has identified an ongoing attack targeting crypto wallets linked to EVM blockchains. This meticulously executed hack targets only small amounts, yet the total losses are rising steadily and consistently.
Hundreds of crypto wallets emptied on EVM blockchains
Due to the significant amounts of money involved, the cryptocurrency sector finds itself on the front lines of attacks and other hacks designed to steal users’ funds, to the point of becoming one of North Korea’s main sources of revenue, as the leader in this criminal activity.
These malicious operations can target leading centralized cryptocurrency exchanges just as easily as popular crypto wallets, as in the recent case of Trust Wallet, whose users had $7 million stolen in late December.
However, other attacks appear to be more insidious and discreet, as recently revealed by the well-known crypto investigator ZachXBT on his official Telegram account.
At issue is the systematic—and ongoing—draining of cryptocurrencies held in hundreds of wallets on EVM-compatible (Ethereum Virtual Machine) blockchains.
Details of the blockchains and amounts involved
It appears that hundreds of wallets are currently being drained across various EVM blockchains for small amounts (less than $2,000 in total per victim); however, the root cause has yet to be identified.
ZachXBT
Estimated losses of $107,000 and rising
While these incidents may not be entirely new, their recurrence and the persistence of these targeted attacks have raised questions for investigator ZachXBT, given the steadily rising total losses and the fact that there are already hundreds of victims.
Indeed, the currently identified total loss of $107,000 may seem insignificant given the number of victims involved. However, this should not be misinterpreted, as it appears to be a meticulously planned modus operandi rather than a lack of ambition on the part of the hacker behind these thefts.
So far, approximately $107,000 has been stolen, and the total amount stolen continues to rise.
ZachXBT
The real problem with this attack lies specifically in the inability to determine the method used, as well as its point of entry, even though ZachXBT has published a suspicious address—0xAc2e5153170278e24667a580baEa056ad8Bf9bFB—in an attempt to limit its growing impact.
For now, the only way to protect yourself from this attack is to be wary of all suspicious activity and never authorize transactions without verifying their origin and legitimacy. These digital security rules should be followed at all times, even outside of EVM blockchains.
