2 Minutes
A blockchain investigator known as ZachXBT has traced a major social engineering attack that resulted in the loss of 783 BTC — roughly $91.4 million. The August 19 incident targeted a hardware wallet user, with the attacker impersonating official support and persuading the victim to reveal wallet credentials. Once credentials were provided, the stolen Bitcoin was quickly moved and processed through privacy tools.
Details of the Scam
How the Attacker Operated
The perpetrator posed as a hardware wallet support agent and used convincing social engineering techniques to extract sensitive information from the victim. This approach mirrors multiple high-profile social engineering scams over the past year, highlighting ongoing risks to custodial and non-custodial users alike.
Funds Flow and Laundering
After the initial transfer, the funds were routed into several deposits and consolidated through Wasabi Wallet, a Bitcoin privacy tool frequently used to obscure transaction history. This pattern — rapid movement followed by mixing and redistribution — is consistent with typical laundering strategies observed in other crypto thefts.
Theft wallet
Context and Industry Impact
The theft occurred almost exactly one year after the $243 million Genesis creditor theft, a pivotal event that led to multiple arrests in California. The August incident adds to a bleak period for the sector: crypto investors reportedly lost $3.1 billion to hacks and scams in the first half of 2025.
Security Takeaways
Protecting private keys and verifying official support channels are critical. Use hardware wallets with caution, enable two-factor authentication where possible, and never share seed phrases or private keys with anyone claiming to be support. Monitoring on-chain movements and employing reputable custodial services can reduce exposure to social engineering and laundering tactics.
Comments