---
title: "Silent Crypto Wallet Attack Drains Over $107K Across EVM Chains"
date: 2026-01-02
author: "Sofia Ramirez"
featured_image: "https://sqmagazine.co.uk/wp-content/uploads/2026/01/silent-wallet-drain-attack-ongoing-on-evm-chains.jpg"
categories:
  - name: "Cybersecurity"
    url: "/cybersecurity.md"
tags:
  - name: "News"
    url: "/tag/news.md"
---

# Silent Crypto Wallet Attack Drains Over $107K Across EVM Chains

A low-profile exploit has drained more than $107,000 from hundreds of crypto wallets across several EVM-compatible chains, raising fresh alarms about self-custody security.

## Quick Summary – TLDR:

- Over $107,000 stolen from hundreds of wallets across multiple EVM networks.
- Losses per wallet are typically under $2,000, helping the attacker stay under the radar.
- No confirmed exploit vector or responsible party has been identified.
- Ongoing investigation highlights broader risks in cross-chain wallet activity.

## What Happened?

A new on-chain alert from blockchain investigator ZachXBT has revealed a quiet but active wallet-draining operation affecting users across Ethereum Virtual Machine (EVM) compatible networks. Instead of going after large balances, the attacker is **draining small amounts from many wallets**, which has allowed the exploit to avoid detection until recently.

So far, more than **$107,000 has been siphoned**, and the exploit is still ongoing.

> 🚨BREAKING: According to ZachXBT, hundreds of wallets across EVM chains are being drained in amounts under $2K each. Over $107K has already been stolen, and the cause remains unknown.  
>   
> Stay alert. [pic.twitter.com/nqOv01lGdj](https://t.co/nqOv01lGdj)
> 
> — Pushpendra Singh Digital (@PushpendraTech) [January 2, 2026](https://twitter.com/PushpendraTech/status/2006947381250764963?ref_src=twsrc%5Etfw)

 ## A Pattern of Silent Theft

This attack is notable not for its size per victim, but for how widespread and stealthy it is. Most affected wallets have lost **less than $2,000 each**, according to ZachXBT. The method relies on staying beneath the radar of monitoring tools and user attention.

- The activity spans **multiple EVM chains**, showing it’s not limited to a single ecosystem.
- Investigators observed **consistent transaction timing and withdrawal amounts**, pointing to a coordinated campaign rather than isolated incidents.
- Funds are being routed into **interconnected addresses**, suggesting a single actor or closely tied group.

No clear vulnerability has been identified yet. Investigators have ruled out any known [smart contract flaws](https://sqmagazine.co.uk/smart-contract-bug-bounties-statistics/), phishing campaigns, or wallet provider issues as the direct cause. This lack of clarity makes mitigation difficult for both users and developers.

## Linked but Unconfirmed Addresses

While the attacker’s identity is unknown, ZachXBT has flagged a suspicious wallet address believed to be involved in the exploit: **[0xAc2e5153170278e24667a580baEa056ad8Bf9bFB](https://etherscan.io/address/0xac2e5153170278e24667a580baea056ad8bf9bfb)**.

The wallet activity tied to this address shows patterns consistent with the wider draining campaign, but without a definitive exploit path, it remains unclear how the attacker is gaining access to so many wallets.

## Not an Isolated Case

This event is part of a broader pattern of persistent [crypto security challenges](https://sqmagazine.co.uk/crypto-exchange-hacks-and-security-statistics/). According to data from security firm PeckShield, **December 2025 saw 26 major crypto exploits**, totaling about **$76 million** in losses. Although that figure is down from **$194 million in November**, it underscores the ongoing threat of exploitation in the space.

One recent high-profile case involved **[Trust Wallet](https://sqmagazine.co.uk/trust-wallet-statistics/)**, which suffered a browser extension breach during the Christmas period. A **malicious version 2.68** of its extension was published to the Chrome Web Store, bypassing Trust Wallet’s official release protocols. Roughly **$8.5 million was stolen** from over **2,500 wallets**. Trust Wallet has since begun [compensating affected users](https://sqmagazine.co.uk/trust-wallet-extension-update-delayed/) and reinforcing its verification processes.

## Ongoing Investigation and Limited User Defenses

ZachXBT confirmed that the **wallet draining campaign is still active**, and there is no concrete explanation yet for how the wallets are being compromised. Without a specific exploit identified, users are left with few defenses beyond **monitoring for suspicious activity** and improving personal security practices.

The attack strategy exposes a key risk: even if each incident is small, collectively they form a **significant threat to the ecosystem**.

## SQ Magazine’s Takeaway

I find this attack deeply unsettling, not just because of the amount stolen, but because of **how silently it happened**. This kind of low-key exploit shows that you don’t need to be a high-value target to be vulnerable. It reminds us that **self-custody comes with serious responsibilities**, especially in an environment where threats evolve fast. If you use EVM-compatible wallets, now’s the time to **audit your approvals, tighten your security, and stay alert**.