Hundreds of cryptocurrency wallets are being systematically drained across multiple blockchain networks in an ongoing attack that has stolen over $107,000, with the entry point still unknown as losses continue to mount.
Blockchain investigator ZachXBT flagged the coordinated exploit Thursday, warning that attackers are targeting small balances—typically under $2,000 per victim—across Ethereum Virtual Machine-compatible networks. The strategy appears designed to avoid immediate detection while maximizing the number of compromised wallets.
“It seems that hundreds of wallets are currently being emptied across various EVM chains for small sums per victim, with no root cause identified yet,” ZachXBT said in alerts shared on social media and Telegram. He identified a suspicious address—0xAc2e5153170278e24667a580baEa056ad8Bf9bFB—as the primary destination for stolen funds.
Attack Spans Major Blockchains
Ethereum has suffered the largest losses at approximately $54,655, representing 51% of total thefts. BNB Chain accounts for roughly $25,545 in stolen funds, while Base recorded $8,688 in losses. Additional breaches have occurred on Arbitrum, Polygon, Optimism, Zora, Linea and Manta Pacific.
The systematic nature of the drains suggests high-level automation, potentially involving compromised private keys or exploited token approvals. Security experts advise users to revoke old wallet approvals, avoid unknown transactions and transfer assets to secure addresses.
Latest in Growing Security Crisis
The incident follows a separate Trust Wallet browser extension breach during the Christmas holiday that resulted in approximately $7 million in losses. Attackers compromised version 2.68 of the Chrome extension through a supply-chain attack, enabling unauthorized withdrawals before the company rolled back to a clean version.
According to blockchain security firm PeckShield, December 2025 recorded 26 major cryptocurrency exploits totaling $76 million—a 60% decline from November’s $194 million. However, research from Chainalysis indicates individual wallet compromises surged to approximately 158,000 incidents in 2025, affecting at least 80,000 unique victims and representing nearly triple the 54,000 compromises recorded in 2022.
Investigation Continues
No protocol has publicly claimed responsibility for the vulnerability, and affected users span a wide range of EVM-compatible blockchains. ZachXBT continues tracking fund movements while security researchers work to identify the attack vector.
The breach underscores persistent vulnerabilities in cryptocurrency wallet infrastructure as attackers adapt their strategies. Users are urged to review transaction histories and monitor for any interactions with the flagged address while investigators work to determine the exploit’s source.
Join our Telegram Channel