Imagine losing over a quarter of a billion dollars in a single heist! That's precisely what happened to a cryptocurrency user in a sophisticated social engineering attack, marking it as one of the largest thefts ever recorded in the crypto world. This is a stark reminder of the vulnerabilities that exist within the digital asset space.
The incident, which occurred on January 10, 2026, around 11:00 PM UTC, involved a victim being tricked into divulging their seed phrase – the master key to their hardware wallet. Blockchain investigator ZachXBT reported that this allowed the attacker to gain complete control and swiftly move the funds across various networks, making it difficult to trace.
According to ZachXBT's findings, the attacker made off with a staggering 2.05 million Litecoin (LTC), currently valued at approximately $153 million, and 1,459 Bitcoin (BTC), worth around $139 million. The attacker then immediately began converting the stolen assets into Monero (XMR) using instant exchange services, which caused a noticeable surge in XMR's price.
But here's where it gets controversial... Simultaneously, significant portions of the Bitcoin were transferred across Ethereum (ETH), Ripple (XRP), and Litecoin using THORChain. This tactic allowed the attacker to move value between different blockchains without relying on centralized exchanges. This activity has once again sparked debate about the potential for abuse within decentralized cross-chain infrastructure during large-scale thefts.
A glimmer of hope: Security firm ZeroShadow was able to trace and flag a portion of the stolen funds in real time after being alerted by blockchain monitoring teams. Within approximately 20 minutes, about $700,000 worth of funds were frozen before they could be fully converted into privacy-focused assets. ZeroShadow identified the victim's Bitcoin address, which belonged to an individual tricked into sharing their seed phrase by an imposter pretending to be Trezor “Value Wallet” support.
ZachXBT also dismissed claims that the attack was orchestrated by a state-sponsored hacking group, stating, "It’s not North Korea."
This isn't an isolated incident. Last year, an elderly US individual suffered a $330 million Bitcoin theft in another major social engineering scam. The victim had held over 3,000 BTC since 2017 with minimal prior activity. After the funds were moved, the attacker used peel chains and multiple instant exchanges to launder the Bitcoin, eventually swapping much of it into Monero to obscure the trail.
What do you think? Were these attacks preventable? Share your thoughts in the comments below! Did the use of cross-chain infrastructure complicate the recovery process, or did it provide an opportunity to trace the funds? Let's discuss!