Hundreds of Wallets Drained in Ongoing Cross-Chain Attack, ZachXBT Warns

An energetic cross-chain exploit is draining lots of of crypto wallets throughout a number of EVM-compatible blockchains, with losses exceeding $107,000 and climbing because the assault continues.

Blockchain investigator ZachXBT flagged the incident in the early hours of Friday, warning that victims are dropping comparatively small quantities per pockets (usually below $2,000), whereas the foundation trigger stays unidentified.

The coordinated assault follows a devastating December for crypto safety, which saw $76 million stolen across 26 major exploits, together with a $50 million handle poisoning rip-off and the Christmas Day Trust Wallet breach that drained roughly $7 million from customers.

Attack Pattern Emerges Across Multiple Blockchains

ZachXBT recognized a suspicious handle (0xAc2***9bFB) that could be linked to ongoing thefts concentrating on EVM chains.

The investigator is compiling verified addresses of theft victims as extra victims come ahead and is requesting that affected customers contact him straight through X (previously Twitter).

The distributed assault mirrors ways seen in latest high-profile incidents, in which attackers exploit a number of smaller wallets fairly than concentrating on a single giant holding.

This strategy typically evades quick detection whereas maximizing complete extraction throughout compromised accounts.

Security researchers observe that the cross-chain nature suggests refined infrastructure, with risk actors working concurrently throughout totally different blockchain networks to empty funds earlier than victims can reply.

Beyond EVM chains, the assault methodology resembles patterns noticed in address-poisoning schemes and private-key compromises which have plagued the trade over latest months.

HACKERS ARE QUIETLY STEALING FUNDS FROM EVERYDAY WALLETS ACROSS EVM CHAINS

Researcher ZachXBT warns that lots of of wallets are being drained throughout a number of EVM networks.

Most victims lose small quantities (below $2K), however the complete stolen has already reached $107K.

The precise… pic.twitter.com/Jl6DcI0JqE

— Zia ul Haque (@ImZiaulHaque) January 2, 2026

Experts emphasize that the coordinated timing and multi-chain execution point out well-resourced attackers succesful of sustaining persistent infrastructure throughout varied blockchain environments.

Trust Wallet Breach Highlights Broader Vulnerability Crisis

The alert comes days after Trust Wallet users faced fresh complications when the corporate’s Chrome extension was briefly faraway from the Chrome Web Store, delaying a vital claims verification device for victims of the Christmas Day hack.

Trust Wallet CEO Eowyn Chen confirmed that Google acknowledged a technical bug encountered throughout the brand new model launch.

“We perceive how regarding that is, and our group is actively engaged on the problem,” Trust Wallet acknowledged after figuring out 2,520 drained pockets addresses linked to roughly $8.5 million in stolen property throughout 17 attacker-controlled wallets.

The December 25 breach stemmed from a malicious model 2.68 of Trust Wallet’s browser extension, which appeared authentic, handed Chrome’s evaluation course of, however contained hidden code that extracted restoration phrases.

Users who put in the compromised extension and logged in between December 24 and 26 confronted quick fund outflows throughout a number of blockchains, together with Ethereum, Bitcoin, and Solana.

@TrustWallet customers affected by the Chrome extension hack are nonetheless ready for the claims device after the extension was pulled because of a Chrome Web Store bug#TrustWallet #CryptoSecurity #Chromehttps://t.co/O6atPd0DVa

— Cryptonews.com (@cryptonews) January 1, 2026

Trust Wallet traced the incident to a broader supply-chain assault generally known as Sha1-Hulud, which surfaced in November and compromised a number of firms by means of uncovered GitHub secrets and techniques and a leaked Chrome Web Store API key.

The assault bypassed inside approval checks, permitting direct uploads of malicious code that appeared genuine to each automated safety methods and handbook reviewers.

Industry Faces Human-Layer Security Crisis

Mitchell Amador, CEO of Immunefi, warns that the crypto sector confronts a basic safety reckoning as assault vectors more and more goal operational vulnerabilities fairly than good contract code.

“The risk panorama is shifting from onchain code vulnerabilities to operational safety and treasury-level assaults,” he instructed Cryptonews. “As code hardens, attackers goal the human ingredient.“

Despite December’s 60% month-over-month decline in hack losses to $76 million, down from November’s $194.2 million, safety consultants emphasize that persistent threats stay.

“Crypto is going through a safety reckoning,” Amador acknowledged. “Most hacks this 12 months haven’t occurred because of poor audits, they’ve occurred after launch, throughout protocol upgrades, or by means of integration vulnerabilities.“

Blockchain safety agency PeckShield documented 26 main exploits in December, with address-poisoning scams and private-key leaks accounting for substantial losses.

Crypto dealer loses $50 million to deal with poisoning rip-off as trade grapples with almost $90 billion in cumulative safety losses.#Crypto #Scamhttps://t.co/ZXn2iF8wdi

— Cryptonews.com (@cryptonews) December 20, 2025

One victim lost $50 million after mistakenly copying a fraudulent handle that visually mimicked their supposed vacation spot.

Another main incident involved a personal key leak tied to a multi-signature pockets, ensuing in losses of roughly $27.3 million.

The trade’s vulnerability extends past technical exploits to social engineering schemes, with Brooklyn resident Ronald Spektor facing charges for allegedly stealing $16 million from roughly 100 Coinbase customers by impersonating firm workers.

The publish Hundreds of Wallets Drained in Ongoing Cross-Chain Attack, ZachXBT Warns appeared first on Cryptonews.