Crypto investigator ZachXBT has identified an ongoing attack targeting crypto wallets linked to EVM blockchains. This meticulously planned hack only involves small amounts, but the total damage is steadily and consistently increasing.
Hundreds of crypto wallets emptied on EVM blockchains
Due to the large amounts of money involved, the cryptocurrency sector is at the forefront of attacks and other hacks aimed at stealing its users’ funds, to the point of becoming one of the main sources of income for North Korea, which leads this criminal activity.
Malicious operations can target both leading centralized cryptocurrency exchanges and popular crypto wallets, as in the recent case of Trust Wallet, whose users had $7 million stolen at the end of December.
However, other attacks appear to be more insidious and discreet, as revealed by renowned crypto investigator ZachXBT on his official Telegram account.
The issue at hand is the regular and ongoing draining of cryptocurrencies held by hundreds of wallets on EVM (Ethereum Virtual Machine) compatible blockchains.
It appears that hundreds of wallets are currently being emptied on various EVM blockchains for small amounts (less than $2,000 in total per victim), but the root cause has yet to be identified.
ZachXBT
Estimated losses of $107,000 and rising
The facts are not necessarily new, but their recurrence and the persistence of these targeted attacks have prompted investigator ZachXBT to question the constantly rising total amount of losses and the hundreds of victims already counted.
Indeed, the $107,000 in total damages currently identified may seem insignificant given the number of victims involved. However, this should not be misinterpreted, as it is more likely to be a carefully planned modus operandi than a lack of ambition on the part of the hacker behind these thefts.
So far, approximately $107,000 has been stolen, and the total amount stolen continues to rise.
ZachXBT
The real problem with this attack is that it is impossible to determine the procedure used, or even its point of entry, even though ZachXBT has published a suspicious address—0xAc2e5153170278e24667a580baEa056ad8Bf9bFB—in an attempt to limit its growing impact.
The only way to protect yourself from this attack at the moment is to be wary of all suspicious transactions and never authorize any transactions without first verifying their origin and legitimacy. These digital security rules must be applied at all times, even outside of EVM blockchains.
