Massive New Year Crypto Exploit Drains Hundreds of Wallets Across EVM Chains - Coinedict

A fresh crypto exploit has rattled traders at the start of the New Year, with hundreds of wallets across Ethereum Virtual Machine (EVM)–compatible blockchains reportedly drained of funds.

According to on-chain investigator ZachXBT, the ongoing attack has already resulted in losses of approximately $107,000, with individual victims losing an average of $2,000 per wallet. The total figure continues to rise as the exploit remains active.

What We Know So Far

ZachXBT issued a security alert via Telegram, warning users that a large number of wallets are being systematically targeted. The suspicious activity has been traced to a single address:

0xAc2e5153170278e24667a580baEa056ad8Bf9bFB

At this time, the identity of the attacker—or group behind the exploit—remains unknown. More importantly, the root cause of the breach has not yet been identified, making it difficult for users to fully protect themselves beyond general wallet safety measures.

Wallets Across EVM Chains Affected

The exploit appears to target wallets operating on multiple EVM-compatible blockchains, including networks built on the same execution standards as Ethereum.

EVM-compatible chains share similar transaction logic, permission structures, and smart contract frameworks. Popular networks such as Polygon and Arbitrum also rely on these standards, which can make cross-chain exploits easier to execute if a shared vulnerability exists.

Investigators noted that the attacker is primarily targeting wallets with small balances, but by draining hundreds of addresses, the cumulative losses have grown quickly.

Why This Attack Is Concerning

Because EVM wallets often use similar signing and permission mechanisms, a single exploit vector can potentially affect a wide range of users across different chains. With the point of entry still unclear, the attack continues without a confirmed mitigation strategy.

Security experts warn that until more details emerge, users should:

• Revoke unnecessary wallet permissions
• Avoid interacting with unknown smart contracts
• Move funds to fresh wallets if suspicious activity is detected

Investigation Ongoing

ZachXBT and other blockchain analysts continue to monitor the situation closely. As of now, no official statement has been released by major wallet providers, and there is no confirmation whether the exploit stems from compromised private keys, malicious approvals, or a deeper protocol-level issue.

The incident adds to growing concerns around wallet security and reinforces the importance of regular permission checks and cautious on-chain behavior—especially during periods of heightened exploit activity.

More updates are expected as the investigation develops.