Hardly has the calendar turned to January 2026 when hackers have already started their game. And not with a discreet or isolated hack. No. This time, it is hundreds of wallets on EVM networks that have been drained, silently, methodically. Small amounts per victim, but a large-scale operation that highlights a much broader flaw. The crypto-sphere, barely recovering from its demons of 2025, restarts its year under high tension.
ZachXBT, the famous on-chain investigator, sounded the alarm on Telegram: a mysterious attack is currently siphoning wallets on multiple EVM chains. The suspicious address, identified as the collection point, has already collected more than $107,000, according to his estimates. The modus operandi is intriguing: each crypto wallet targeted loses less than $2,000, a low enough amount to go under the radar, but formidable due to mass effect.
“This looks like a broad automated exploitation “, explains Hackless, a Web3 cybersecurity provider, in a warning published on X.
The goal does not seem to be a splashy strike but a long series of small targeted thefts, relying on victims’ fatigue in tracking every unauthorized fund outflow. Some experts are already talking about a strategy worthy of a digital parasite: slow, lurking in the shadows, but capable of bringing down an entire ecosystem through invisible bites.
But the alert does not stop there. Vladimir S., a cybersecurity analyst, quotes another user: a fake MetaMask email, urging an update, would have been the Trojan horse of this attack. This next-generation phishing plays on confusion and habit, two human flaws still too little addressed in crypto.
The blow recalls another event still fresh in memory: the Trust Wallet hack on December 25, 2025, causing a $7 million loss. Again, the source was not a genius hacker, but a supply chain attack named “Sha1-Hulud.” npm packages, commonly used to code blockchain applications, had been contaminated.
This tainted code then allowed the attacker to infiltrate the project’s GitHub environment, steal developer secrets, and publish a tainted version of the extension on the Chrome Web Store. Result: 2,596 wallets compromised.
What if this scenario repeats? For @anndylian, a Web3 expert, insider leads should not be excluded: “This kind of ‘hack’ is not natural. There is a strong chance an insider is involved.”
Year 2025 was harsh for the crypto industry. Chilling numbers circulate in the digital corridors: $3.4 billion lost in hacks and scams, according to several observers. A dark year, say some. And now 2026 starts like a remake. One might believe crypto must now learn to live with its digital ghosts.
