Unmasking the Silent Drain on Crypto Wallets

In a startling revelation, blockchain researcher ZachXBT has unveiled a prolonged exploit that has quietly siphoned off funds from hundreds of cryptocurrency wallets operating on various EVM-compatible networks. The collective amount looted has surpassed $107,000, although individual losses remain comparatively modest. The exact vulnerability exploited in this attack remains elusive.

What Is the Attacker’s Modus Operandi?

ZachXBT shared via Telegram that the attacker has been systematically looting countless wallets across an array of EVM-based networks. The cunning strategy involves absconding with amounts below $2,000 per wallet, a method that complicates early detection efforts while allowing the aggregate loss to balloon rapidly.

Data from blockchain analysis reveals that the attack spans multiple networks, marred by similar movement patterns of funds suggesting a possible shared security flaw. This furthers the mystery as the exact breach, whether in apps, smart contracts, or network infrastructure, remains unidentified lending urgency to matters.

Could There Be a Broader Trend?

Yes, this campaign coincides with recent incidents in December 2025, where the crypto realm faced major security threats. PeckShield, a blockchain security outfit, noted 26 substantial attacks last month, although losses were slashed by 60% compared to November with a hefty $76 million swindled.

Among these concerns was a notable breach through Trust Wallet, where a flaw in their browser extension during the festive period resulted in an estimated $7 million being purloined. Trust Wallet is compensating users for this setback.

Responding to this issue, Trust Wallet CEO Eowyn Chen mentioned that a technical snag prompted a temporary removal of their extension from the Chrome Web Store. With updates, they now ensure verification codes can be securely shared via the app.

Key insights from these episodes include:

• New attack vectors can remain concealed by targeting smaller sums over numerous wallets.
• Cross-network vulnerabilities might point to wider structural issues within EVM frameworks.
• Recent security enhancements signal a heightened awareness but emphasize ongoing risk management needs.

Improving security strategies and identifying uncharted entry points are imperative for stakeholders in the cryptocurrency ecosystem. ZachXBT’s disclosures not only underline the importance of vigilance but also reinforce the need for collaborative security measures in the wake of such expansive cyber threats.