Hackers steal $3.05m XRP from cold wallet, ZachXBT traces funds
Crypto investigator ZachXBT traced the funds of a victim who lost their life savings of $3.05 million in XRP.
- A victim lost their life savings of $3.05M worth of XRP from an Ellipal cold wallet
- The hack happened after the victim imported their seed phrase into Ellipal’s mobile app
- ZachXBT traced the funds to a Southeast Asian laundering ring
Self-custody is a powerful tool for security, but only if users know what they are doing. On Sunday, Oct. 19, crypto investigator ZachXBT revealed a case of a victim losing $3.05 million in XRP from a cold wallet. The investigator ultimately traced the funds to a Southeast Asian crypto laundering ring.
The initial theft happened on Oct. 12, when attackers drained the victim’s (XRP) wallet. The victim used an Ellipal hardware wallet, which markets itself as a cold wallet. However, the victim made the mistake of importing their seed phrase into the Ellipal mobile app.
This effectively made it into a hot wallet, meaning it became connected to the internet. ZachXBT explained that importing a seed phrase into a mobile app completely defeats the purpose of cold storage and exposes users to hacks.
How hackers laundered $3.05 in XRP
Following the breach, hackers used the cross-chain bridge Bridgers to swap the XRP into Tron (TRX) in over 120 transactions. The transactions appeared to go to Binance, but this was actually part of Bridgers’ liquidity path.
After the laundering steps, the attackers moved all tokens into a single Tron wallet, making it easier to move the funds off-chain. For that purpose, they used OTC desks adjacent to Huione, a Southeast Asia–based illicit online marketplace.
According to ZachXBT, Huione has connections to hacks, pig-butchering scams, money laundering, and more. The exchange has also been sanctioned by the U.S. government for facilitating massive illicit crypto flows.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Solana News Today: SEC Blocks Staked SOL ETF, Highlighting Ongoing Tension Between Crypto Innovation and Regulatory Oversight
- SEC blocks Staked SOL ETF, reflecting regulatory scrutiny of staking mechanisms in crypto markets. - Solana ETFs saw $53M inflows on Nov. 25 but faced $8M outflow days later amid market volatility and declining on-chain activity. - VanEck withdraws BNB staking plans, citing SEC risks after recent guidance raised legal uncertainties over staking as an investment contract. - Regulatory ambiguity creates fragmented crypto ETF landscape, with Solana trading near $140 as key price threshold amid mixed technic
Zcash Latest Updates: ZEC Faces $380 Test—Will Grayscale’s ETF Halt the Decline?
- Zcash (ZEC) tests critical $380 Fibonacci support as price falls below $480, triggering bearish technical signals like a double-top pattern. - Grayscale's proposed Zcash ETF (ZCSH) aims to institutionalize ZEC access but risks amplifying volatility if demand exceeds supply. - Fed's cautious rate-cut projections and declining on-chain activity (open interest, volume) highlight tension between macro optimism and weak near-term fundamentals. - Templar Protocol's ZEC-native lending feature enhances DeFi util
Bitcoin News Update: Ark Invest Makes Daring Moves in Crypto and AI Despite Market Slump
- Ark Invest spent $88M on crypto assets in November 2025, defying market declines by buying undervalued tech/crypto equities. - Major purchases included $25M in Coinbase , Circle , and Block shares, now holding 5.22% of ARKK's portfolio. - CEO Cathie Wood contrasted current AI/crypto growth with past bubbles, viewing downturns as strategic buying opportunities. - The firm also invested $56M in Alphabet and $29.4M in AI firm CoreWeave , emphasizing sector readiness over speculation. - With Bitcoin near $87
FCA's Crypto Sandbox Strives to Foster Innovation While Safeguarding Investors
- Coinbase and Kraken join UK FCA's crypto sandbox to test new disclosure rules, aiming to boost transparency and align with global standards. - FCA's 2026 roadmap mandates detailed risk assessments for unbacked crypto, stablecoins, and tokenized assets, with Eunice developing compliance templates. - U.S. regulators and banks like U.S. Bancorp parallel efforts, testing stablecoins and emphasizing structured oversight to mitigate depegging risks. - Coinbase's regulatory engagement spans FCA, SEC, and global
Trending news
MoreCrypto prices
More
