A major cryptocurrency theft on January 10, 2026, resulted in losses exceeding $280 million after an investor fell victim to a hardware wallet social engineering scam.

The incident occurred at around 23:00 UTC and was first detailed by on-chain investigator ZachXBT, who traced the movement of the stolen funds across multiple blockchains. 

According to ZachXBT’s analysis, the attacker gained access to the victim’s hardware wallet and drained approximately 2.05 million Litecoin (LTC) and 1,459 Bitcoin (BTC). The stolen assets were rapidly laundered through instant exchanges and cross-chain protocols in an effort to evade tracking.

On-chain analysis indicates that a large portion of the stolen Litecoin and Bitcoin was converted into Monero (XMR), triggering an abrupt spike in market activity. Price data shows Monero surging by roughly 70% over the four days following the hack, with the chart reflecting a steep rally followed by increased volatility as trading volumes expanded.

Further on-chain tracing revealed that part of the Bitcoin was routed through THORChain, where about 818 Bitcoin, valued at roughly $78 million, was swapped into Ethereum (ETH), XRP, and additional Litecoin. These transactions spanned several networks, highlighting the growing use of cross-chain liquidity protocols in large-scale laundering attempts.

Identity of involved parties 

The analysis also noted no indications linking the attack to North Korean hacking groups, which have been associated with previous high-profile crypto thefts. The identity of the victim remains unknown, and it is still unclear whether the stolen funds belonged to a single individual or an organization.

The incident reinforces warnings from security researchers that social engineering has become the leading cause of major crypto losses. 

By exploiting trust rather than technical vulnerabilities, attackers are increasingly able to compromise even hardware wallet users, with market disruptions. 

Featured image via Shutterstock