A New Breed of Crypto Heist Is Spreading Quietly
Key Highlights
• Over $107K drained from wallets across Ethereum, BNB, and other EVM chains in coordinated low-value thefts
• Attack linked to fake MetaMask emails and potential Trust Wallet supply chain breach
Yello Paradisers! The festive season turned dark for hundreds of unsuspecting crypto users after blockchain investigator ZachXBT raised the alarm about a coordinated wallet-draining campaign across Ethereum Virtual Machine chains. The total losses so far? More than $107,000, each victim hit for less than $2,000.
The stealth of the attack is what makes it especially dangerous. Small losses, distributed across many wallets, kept the exploit flying under the radar until it was too late.
Funds Routed to a Central Attacker Wallet
All the compromised wallets appear to funnel funds into the same on-chain address: 0xAc2e…ad8Bf9bFB. That wallet now holds tokens from nearly 20 different chains.
Data shared via Debank reveals the attacker’s stash includes around $54,655 from Ethereum, $25,545 from BNB Chain, $8,688 from Base, and smaller amounts from Arbitrum, Polygon, Optimism, Zora, Linea, and Avalanche.
Did Holiday Email Scams Trigger It?
Crypto Twitter speculates that the breach began through fake MetaMask emails over the holiday season. However, an analysis from Nansen linked the attacker to the same malware that infected a version of the Trust Wallet browser extension, further suggesting a larger supply chain attack.
This convergence of tactics, phishing emails, fake updates, and malicious extensions, reflects a rising sophistication in holiday-targeted scams. The FBI warned just weeks before Christmas that scams like these lead to more than $785 million in annual losses, with credit card fraud adding another $199 million.
Small Drains, Big Implications
The incident spans multiple chains but avoids large-value targets. This strategy gives attackers time to drain wallets without drawing attention, delaying detection by days or even weeks.
Even if users practice safe storage habits, such distributed attacks show that interacting across EVM chains comes with persistent risk. No specific wallet or dApp has been identified as the root cause yet.
Broader Trends in Crypto Exploits
December saw 26 major exploits across the crypto sector, resulting in over $76 million in total losses, according to PeckShield. While that’s down from November’s $194 million, the pace of attacks has not slowed.
The Trust Wallet browser extension hack alone accounted for $7 million in user losses over Christmas. CZ, the wallet’s owner, has confirmed full compensation is underway, but the damage to user confidence is still being repaired.
The Investigation Continues
ZachXBT notes that investigations are ongoing. There’s no confirmed vector of attack, and the crypto security community continues to watch and trace fund flows.
The lesson is stark. Even small wallet balances can become targets when attacks are this organized. Self-custody remains powerful, but without vigilance, it can become a weakness.
Want to stay ahead of threats like these before your wallet is touched?
MCP News Private brings you timely alerts, exclusive intel, and real-time reactions for just $3 per month. You get the early warnings coffee can’t give.
Need help navigating wallet risks and protecting your trades? ParadiseFamilyVIP has you covered with real-time strategy and safe trade setups from a team that’s seen it all.
And for deep dives, market breakdowns, and live chart walkthroughs, our YouTube stream channel shows you how we stay ahead in real time. Hit subscribe and join the smarter side of crypto.
