Tracking a massive theft: How $282 million in crypto assets flow to exchanges through cross-chain and mixing platforms

LiquiditySurfer · 2026-01-19T08:56:12+00:00

Cryptocurrency security analysis agency uncovers a major theft case where users lost over $282 million worth of BTC and LTC due to social engineering attacks on hardware wallets. The attacker used THORChain to disperse and transfer assets and laundered money through mixing services, reminding people that hardware wallets are not completely secure.

LiquiditySurfer

2026-01-19 08:56:12

Abstract generation in progress

【ChainWen】The cryptocurrency security analysis agency recently exposed a major theft case. In mid-January 2026, a user lost over $282 million worth of BTC and LTC due to a social engineering attack on their hardware wallet.

The attacker’s tactics were quite sophisticated. They first transferred 928.7 BTC (worth approximately $71 million) through the THORChain cross-chain protocol in a dispersed manner—some funds went to Ethereum, while others were sent to the Ripple and Litecoin networks. After the exchange, these assets transformed into 19,631 ETH, 3.15 million XRP, and 77.2K LTC.

What’s even more concerning is the subsequent money laundering route. Among them, 1,468 ETH were transferred into Tornado Cash for mixing, while over 2,400 ETH were gradually moved into multiple exchanges such as WhiteBit, KuCoin, and Huobi. This dispersed entry method is clearly aimed at avoiding on-chain monitoring and exchange compliance checks.

This case once again reminds us: even hardware wallets are not completely secure. Social engineering attacks are often more frightening than technical vulnerabilities because they target human weaknesses. Meanwhile, the abuse of cross-chain bridges and mixing services has also become a new tactic for black market activities.

BTC-2,14%

LTC-4,88%

ETH-3,46%

XRP-1,85%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

11 Likes

Reward
11
3
Repost
Share

Comment

0/400

StableGeniusDegen

· 8h ago

Social engineering attacks are so fierce, can hardware wallets be broken? I really need to add an encryption lock to my private key this time. --- It's THORChain again, and Tornado... This combo is really impressive. --- 2.82 billion? Wow, who is so careless? I don't even have that much in my spare change. --- Cross-chain money laundering is so clear and obvious. Can it be traced on the chain? How can security agencies still track transactions to exchanges? Isn't that alarming? --- Honestly, hardware wallet social engineering breaches... This is outrageous. How can I ensure I won't be scammed? --- Are mixing platforms really effective? This case seems to have been caught anyway. --- 928 BTC, I’d have to work until the Year of the Monkey to be robbed of that much. Kinda envious.

View OriginalReply0

AirdropHunterZhang

· 8h ago

Oops, the social engineering attack pattern is really clever. 928 BTC just disappeared like that. I’m not even worth a small fraction of the free airdrops I’ve received. THORChain cross-chain money laundering... I need to remember this technique. I’ll be more cautious when analyzing transaction links in the future. $282 million is gone. Might as well go all-in and try to make a quick profit, haha. The Tornado mixing combo... it reminds me of how some project teams operate themselves... Even hardware wallets can be targeted by social engineering. This guy is a bit reckless; security awareness needs to be strengthened. ETH, XRP, LTC are so evenly distributed. They really take risk management seriously, but unfortunately, they reversed the operation. Feels like this is even more efficient than cutting leeks... No, wait, I’m speaking from the victim’s perspective. Speaking from the victim’s point of view.

View OriginalReply0

ThreeHornBlasts

· 8h ago

Social engineering attacks on hardware wallets are truly incredible, losing $282 million just like that? --- THORChain's cross-chain operations are indeed professional, the transfer is quite thoroughly decentralized --- That old trick of mixing platforms has been around for a while; Tornado Cash should have been regulated long ago --- Hardware wallets can't save you either; the key is still awareness of information security --- 928.7 BTC flowing to different chains at that speed, how many thieves does it take to be so smooth? --- Why are there still so many large-scale thefts in 2026? Exchanges should upgrade their risk control measures --- Money laundering pipelines start with Tornado Cash, this story is so classic haha --- Even with hardware wallets, social engineering attacks still happen, this is outrageous --- After cross-chain exchanges, they head straight to the exchange; isn't this just trying to cash out? --- 19,631 ETH sent to mixing platforms, truly unbeatable

View OriginalReply0