A cryptocurrency user has lost more than $282 million in Bitcoin and Litecoin in what is being described as one of the largest social engineering attacks in the industry’s history.
The incident took place on Jan. 10, 2026, around 11:00 pm UTC, after the victim was deceived into disclosing the seed phrase for a hardware wallet, according to blockchain investigator ZachXBT. With full access to the wallet, the attacker swiftly transferred the funds across multiple networks in an effort to obscure their origin.
ZachXBT reported that approximately 2.05 million Litecoin, valued at about $153 million, and 1,459 Bitcoin, worth roughly $139 million, were stolen. The attacker quickly began swapping the assets into Monero through several instant exchange platforms, contributing to a sudden spike in XMR’s price.
At the same time, significant portions of the Bitcoin were routed through Ethereum, Ripple, and Litecoin via THORChain, enabling cross-chain transfers without the use of centralized exchanges. The incident has renewed concerns over how decentralized cross-chain infrastructure can be exploited during large-scale crypto thefts.
$700K of stolen funds frozen
In a post on LinkedIn on Friday, security firm ZeroShadow said it was able to track and flag portions of the stolen funds in real time after receiving alerts from blockchain monitoring teams. Within about 20 minutes, roughly $700,000 worth of assets were reportedly frozen before they could be fully converted into privacy-focused cryptocurrencies.
ZeroShadow said it identified the compromised wallet as a Bitcoin address “belonging to an individual who was deceived into sharing their seed phrase by an attacker posing as Trezor ‘Value Wallet’ support.”
Blockchain investigator ZachXBT also dismissed speculation that the incident was tied to a state-sponsored hacking group. “It’s not North Korea,” he wrote.
Elderly US Bitcoin holder loses $330M in separate scam
In a separate case last year, an elderly individual in the United States reportedly lost $330 million in Bitcoin in another large-scale social engineering attack. Blockchain data shows the victim had held more than 3,000 BTC since 2017 with minimal prior transaction activity.
After the theft, the attacker quickly laundered the Bitcoin through peel chains and multiple instant exchange services, eventually converting much of the stolen BTC into Monero to conceal its origin.
