
Crypto Security Alert: Uncovering a Wave of Mysterious Wallet Drains

A new wave of attacks hits the crypto ecosystem. According to ZachXBT, hundreds of wallets have been emptied simultaneously across multiple EVM-compatible blockchains, with no identified point of exploitation at this stage. The losses remain modest per victim, but their accumulation is beginning to raise concerns.

An Elusive Attack Targeting Numerous Wallets

In a message posted on his Telegram channel, ZachXBT explains that the attacker seems to prefer a volume strategy rather than spectacular strikes. The stolen amounts are generally below $2,000 per wallet, allowing for a large number of victims to be targeted without immediately attracting attention.

At this stage, the cumulative losses amount to about $107,000, a figure expected to increase as long as the attack remains active. Spreading the theft across many small amounts complicates both the analysis and automatic detection by some security tools, which are often calibrated to flag larger fund outflows.

No Clearly Identified Attack Vector

The most concerning point remains the absence of an identified cause. No compromised smart contract, specific application, or clearly established software vulnerability has been implicated so far. This uncertainty raises the possibility of a broader weakness, potentially related to user practices, malicious signatures, or third-party integrations.

ZachXBT has, however, reported a suspicious address where several siphoned funds converge. While this lead helps track some flows, it reveals nothing about the method used to access the wallets. The attacker has not been publicly identified, and no known group has claimed responsibility for the operation.
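The pattern described above (many transfers below $2,000 converging on one address, missed by tools tuned to large outflows) can be caught by aggregating per recipient instead of per transfer. The following is an added example, not ZachXBT's method or any tool's code; the transfer records, placeholder addresses, the $10,000 single-transfer threshold, and the window and sender-count parameters are all assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample transfers, not real chain data:
# (unix_time, chain, sender, recipient, usd_value). Addresses are placeholders.
TRANSFERS = [
    (1000, "ethereum", "0xV01", "0xSINK", "1850"),
    (1060, "bsc",      "0xV02", "0xSINK", "420"),
    (1090, "polygon",  "0xV03", "0xSINK", "975"),
    (1130, "ethereum", "0xV04", "0xSINK", "1300"),
    (1200, "arbitrum", "0xV05", "0xSINK", "610"),
    (1250, "bsc",      "0xV06", "0xSINK", "1990"),
    (1100, "ethereum", "0xU01", "0xSHOP", "80"),
    (1400, "ethereum", "0xU02", "0xSHOP", "120"),
    (1500, "ethereum", "0xW01", "0xW02",  "25000"),
]

def per_transfer_alerts(transfers, threshold_usd=Decimal("10000")):
    """Classic rule (assumed threshold): flag any single large transfer."""
    return [t for t in transfers if Decimal(t[4]) >= threshold_usd]

def fan_in_alerts(transfers, window_s=3600, small_usd=Decimal("2000"),
                  min_senders=5, min_total_usd=Decimal("5000")):
    """Flag recipients collecting many small transfers from distinct senders
    inside one time window, aggregated across chains (EVM addresses are shared)."""
    by_recipient = defaultdict(list)
    for ts, chain, sender, recipient, usd in transfers:
        if Decimal(usd) < small_usd:      # only the below-the-radar transfers
            by_recipient[recipient].append((ts, chain, sender, Decimal(usd)))
    alerts = {}
    for recipient, rows in by_recipient.items():
        rows.sort()                       # order by timestamp
        start = 0
        for end in range(len(rows)):      # sliding window over sorted times
            while rows[end][0] - rows[start][0] > window_s:
                start += 1
            window = rows[start:end + 1]
            senders = {r[2] for r in window}
            total = sum(r[3] for r in window)
            if len(senders) >= min_senders and total >= min_total_usd:
                alerts[recipient] = {"senders": len(senders), "total_usd": total,
                                     "chains": sorted({r[1] for r in window})}
    return alerts

if __name__ == "__main__":
    print("per-transfer rule:", [t[3] for t in per_transfer_alerts(TRANSFERS)])
    print("fan-in rule:", fan_in_alerts(TRANSFERS))
```

On the constructed data, the per-transfer rule only sees the unrelated $25,000 transfer, while the fan-in rule surfaces the collecting address. A flagged recipient is a lead for review, since exchanges and merchants also receive many small deposits.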

A Fragile Security Context

This incident comes at a time when the crypto sector's security landscape is already busy. December saw around 26 major exploits, resulting in an estimated total loss of $76 million. While this figure marks a decrease of nearly 60% compared to November, it serves as a reminder that attacks remain frequent and structural.

Among the recent notable events is the incident that affected Trust Wallet during the holiday season. A vulnerability related to a new version of the browser extension resulted in approximately $7 million in losses. The wallet has since initiated a compensation process for affected users and deployed an update to strengthen wallet ownership verification.

An Alert for EVM Users

Although the individual amounts at stake remain limited, the diffuse nature of the attack is a warning signal. It suggests that seemingly innocuous wallets can be exposed, even without recent interaction with exotic protocols.

In this context, caution is necessary. Revoking unnecessary authorizations, systematically verifying signatures, limiting funds on hot wallets, and using hardware solutions for significant amounts remain essential reflexes. Do not hesitate to use revoke.cash frequently to mitigate risks.

Until the origin of this attack is identified, the risk persists. Once again, the episode reminds us that in crypto, security lies not only in the code but also in the daily discipline of users.
