Victim Loses $282M in Bitcoin and Litecoin to Hardware Wallet Scam

A crypto holder misplaced over $282 million in Bitcoin and Litecoin on January 10 in what blockchain investigator ZachXBT described as a {hardware} pockets social engineering rip-off, marking the most important particular person crypto theft of 2026 to this point.

It in infact surpassed the earlier notable social engineering hack document of $243 million set in August 2024.

The newest attacker instantly started changing the stolen belongings into Monero by means of a number of on the spot exchanges, inflicting XMR’s worth to spike sharply.

Bitcoin was additionally bridged to Ethereum, Ripple, and Litecoin through Thorchain because the perpetrator labored to obscure the funds’ path throughout a number of blockchain networks.

On January 10, 2026 at round 11 pm UTC a sufferer misplaced $282M+ price of LTC & BTC due to a {hardware} pockets social engineering rip-off.

The attacker started changing the stolen LTC & BTC to Monero through a number of on the spot exchanges inflicting the XMR worth to sharply enhance.

BTC was additionally…

— ZachXBT (@zachxbt) January 16, 2026

Record-Breaking Theft Exceeds Previous Social Engineering Attack

The incident eclipses the August 2024 case involving Genesis creditor theft, the place risk actors Greavys, Wiz, and Box stole $243 million by means of an elaborate social engineering operation.

That assault concerned spoofed calls from Google and Gemini help representatives who satisfied the sufferer to reset two-factor authentication and share display screen entry through AnyDesk, in the end exposing personal keys from Bitcoin Core.

ZachXBT’s investigation into the August case led to a number of arrests and the freezing of tens of millions in belongings.

Box and Greavys had been arrested in Miami and Los Angeles, whereas Wiz was later apprehended by US Marshals.

Twelve folks had been ultimately charged in reference to the $243 million theft, with a superseding indictment confirming the arrest of Danny Zulfiqar Khan in Dubai.

The scale of the most recent $282 million loss demonstrates how social engineering ways proceed to evolve and exploit victims regardless of elevated consciousness and safety measures throughout the crypto trade.

1/ An investigation into how Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) stole $243M from a single particular person final month in a extremely refined social engineering assault and my efforts which have helped lead to a number of arrests and tens of millions frozen. pic.twitter.com/dcY1e9xsPd

— ZachXBT (@zachxbt) September 19, 2024

Persistent Threats Target Crypto Users Across Multiple Vectors

Social engineering attacks have grow to be the dominant risk vector in crypto theft, with scammers more and more impersonating buyer help representatives from main platforms.

Brooklyn resident Ronald Spektor was additionally lately charged with allegedly stealing $16 million from roughly 100 Coinbase customers by posing as firm staff and utilizing panic ways to pressure fast choices.

The notorious North Korean hacker has additionally resurfaced with new social engineering ways.

“They message everybody with prior dialog historical past,” MetaMask safety researcher Taylor Monahan explained, referring to North Korean hackers utilizing faux Zoom ways.

“DPRK risk actors are nonetheless rekting means too lots of you through their faux Zoom / faux Teams meets.“

North Korean cybercriminals have stolen over $300 million utilizing faux video conferencing ways that set up malware to exfiltrate passwords and personal keys.

Attackers information victims to Zoom hyperlinks that time to recorded movies of identified contacts, then ship malicious “patch” information disguised as software program updates that deploy Remote Access Trojans.

Despite an general 60% decline in December exploit losses to $76 million, in accordance to PeckShield, handle poisoning scams and personal key leaks stay important threats.

One December sufferer misplaced $50 million after mistakenly copying a fraudulent address that visually mimicked their supposed vacation spot, whereas one other breach involving a multi-signature pockets key leak resulted in $27.3 million in losses.

Industry knowledge exhibits crypto theft reached $3.4 billion between January and early December 2025, with Americans shedding a document $9.3 billion to crypto-related crimes in 2024.

Investment fraud accounted for $5.7 billion in losses, with victims over 60 reporting the very best particular person losses at $2.8 billion.

Security specialists hold emphasizing that technical options alone can’t forestall social engineering assaults.

How are scammers stealing billions in crypto? We sat down with @CrystalPlatform CEO Navin Gupta as he breaks down the psychology, AI-powered ways, and the #1 mindset shift that would forestall most fraud.#CryptoScam #Deepfakehttps://t.co/9WQQvGSuED

— Cryptonews.com (@cryptonews) June 24, 2025

“Assume each unsolicited message is a possible assault,” said Navin Gupta, CEO of blockchain analytics platform Crystal, in an interview with Cryptonews. “That psychological shift alone filters out 80% of risk vectors.“

Experts advocate verifying each character of vacation spot addresses earlier than sending funds, avoiding SMS-based two-factor authentication in favor of {hardware} safety keys, and by no means responding to unsolicited messages claiming account compromises.

The irreversibility of crypto transactions means victims sometimes can’t recuperate stolen funds as soon as attackers acquire entry to personal keys or trick customers into authorizing transfers.

The submit Victim Loses $282M in Bitcoin and Litecoin to Hardware Wallet Scam appeared first on Cryptonews.