$282M in Bitcoin and Litecoin Stolen in Hardware Wallet Social Engineering Scam

Source: Cryptonews Original Title: $282M in Bitcoin and Litecoin stolen in hardware wallet social engineering scam Original Link: A crypto holder lost over $282 million in Bitcoin and Litecoin on January 10 through a hardware wallet social engineering scam, according to blockchain investigator ZachXBT.

Summary

• A single crypto holder lost over $282M in Bitcoin and Litecoin in a hardware wallet scam.
• Stolen funds were laundered via Thorchain and converted into Monero, spiking XMR price.
• ZachXBT linked the theft to a wider January wallet-draining campaign across chains.

The theft occurred around 11 pm UTC and is one of the largest individual crypto heists of 2026.

The attacker immediately began laundering stolen assets through multiple instant exchanges, converting LTC and BTC into Monero.

The massive conversion volume caused Monero (XMR) price to sharply increase as the attacker processed hundreds of millions in stolen funds.

Bitcoin (BTC) was also bridged to Ethereum (ETH), Ripple (XRP), and Litecoin (LTC) networks via Thorchain to obscure the trail.

Attacker Exploits Hardware Wallet Trust to Loot Bitcoin

Hardware wallets are considered among the most secure methods for storing cryptocurrency since private keys never leave the physical device.

Social engineering attacks bypass this security by manipulating victims into voluntarily compromising their own wallets.

The exact social engineering methodology used in the $282 million theft remains unclear. Common hardware wallet scams include phishing websites that capture seed phrases, fake customer support impersonating legitimate wallet companies, or malicious firmware update prompts.

ZachXBT’s investigation tracked the stolen funds across multiple blockchains and exchanges. The Thorchain bridging activity distributed stolen Bitcoin across Ethereum, Ripple, and Litecoin networks.

Hundreds of Wallets Drained in Attack Wave

The $282 million theft is the largest single victim in a broader attack campaign targeting cryptocurrency wallets across EVM-compatible chains. ZachXBT reported hundreds of wallets being drained in early January through ongoing attacks.

The wider campaign targeted numerous wallets for smaller amounts, with individual losses typically under $2,000 per victim. While each theft remains modest, cumulative losses increased as the attack continued.

December 2025 saw approximately 26 major crypto exploits resulting in $76 million in total losses, according to blockchain security firm PeckShield. The figure is a 60% decline from November’s $194.27 million in exploit losses.

January’s early data indicates exploit activity may be rebounding with the $282 million hardware wallet theft and ongoing wallet draining campaign.

Hardware wallet manufacturers have not issued warnings about specific social engineering campaigns.

Users should verify all communication claiming to be from wallet companies through official channels and never enter seed phrases into websites.