{"id":13801,"date":"2025-10-20T13:07:15","date_gmt":"2025-10-20T13:07:15","guid":{"rendered":"https:\/\/bitunikey.com\/news\/hackers-steal-3-05m-xrp-from-cold-wallet-zachxbt-traces-funds\/"},"modified":"2025-10-20T13:07:20","modified_gmt":"2025-10-20T13:07:20","slug":"hackers-steal-3-05m-xrp-from-cold-wallet-zachxbt-traces-funds","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/hackers-steal-3-05m-xrp-from-cold-wallet-zachxbt-traces-funds\/","title":{"rendered":"Hackers steal $3.05m XRP from cold wallet, ZachXBT traces funds"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Crypto investigator ZachXBT traced the funds of a victim who lost their life savings of $3.05 million in XRP.<\/p>\n<div id=\"cn-block-summary-block_94b3b652e11109e91a7d438bf26275eb\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>A victim lost their life savings of $3.05M worth of XRP from an Ellipal cold wallet<\/li>\n<li>The hack happened after the victim imported their seed phrase into Ellipal\u2019s mobile app<\/li>\n<li>ZachXBT traced the funds to a Southeast Asian laundering ring<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Self-custody is a powerful tool for security, but only if users know what they are doing. On Sunday, Oct. 19, crypto investigator ZachXBT revealed a case of a victim losing $3.05 million in XRP from a cold wallet. The investigator ultimately traced the funds to a Southeast Asian crypto laundering ring.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">1\/ A video went viral on YT this week after a US based victim lost $3.05M (1.2M XRP) from their Ellipal wallet. <\/p>\n<p>Here\u2019s the tracing of where the stolen funds ended up and the biggest takeaways for similar thefts. <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/t.co\/Gyw0OWjts4\">pic.twitter.com\/Gyw0OWjts4<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/zachxbt\/status\/1979899767212699910?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"nofollow\">October 19, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>The initial theft happened on Oct. 12, when attackers drained the victim\u2019s (XRP) wallet. The victim used an Ellipal hardware wallet, which markets itself as a cold wallet. However, the victim made the mistake of importing their seed phrase into the Ellipal mobile app.<\/p>\n<p>This effectively made it into a hot wallet, meaning it became connected to the internet. ZachXBT explained that importing a seed phrase into a mobile app completely defeats the purpose of cold storage and exposes users to hacks.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">How hackers laundered $3.05 in XRP<\/h2>\n<p>Following the breach, hackers used the cross-chain bridge Bridgers to swap the XRP into Tron (TRX) in over 120 transactions. The transactions appeared to go to Binance, but this was actually part of Bridgers\u2019 liquidity path.<\/p>\n<p>After the laundering steps, the attackers moved all tokens into a single Tron wallet, making it easier to move the funds off-chain. For that purpose, they used OTC desks adjacent to Huione, a Southeast Asia\u2013based illicit online marketplace.<\/p>\n<p>According to ZachXBT, Huione has connections to hacks, pig-butchering scams, money laundering, and more. The exchange has also been sanctioned by the U.S. government for facilitating massive illicit crypto flows.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<\/p><\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Crypto investigator ZachXBT traced the funds of a victim who lost their life savings of $3.05 million in XRP. Summary A victim lost their life savings of $3.05M worth of&hellip;<\/p>\n","protected":false},"author":1,"featured_media":11452,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-13801","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/13801","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=13801"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/13801\/revisions"}],"predecessor-version":[{"id":13802,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/13801\/revisions\/13802"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/11452"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=13801"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=13801"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=13801"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}