In a troubling development for cryptocurrency holders, over $107,000 has been drained from various wallets compatible with the Ethereum Virtual Machine (EVM). This alarming incident was reported by blockchain investigator ZachXBT, marking one of the first significant security breaches of 2026.
The attacker appears to be targeting numerous crypto wallets, siphoning off small amounts, typically under $2,000 each. While individual losses may seem manageable, the cumulative effect has led to significant financial damage, with total losses estimated at around $107,000. This figure is likely to increase as the malicious activity continues.
In a recent update on his Telegram channel, ZachXBT indicated that the source of the attack has yet to be determined, raising concerns about potential future exploits. The attacker or group responsible remains unidentified, but a wallet address associated with the operation, concluding with 8Bf9bFB, has been flagged by the investigator.
The ongoing threat of crypto thefts persists despite a more mature market. The prior year saw a surge in hacking incidents, with December alone witnessing approximately 26 major exploits that resulted in losses totaling around $76 million, according to data from blockchain security firm PeckShield. This figure represents a notable decrease of over 60% from the $194.27 million in losses reported in November.
Despite the decline in monthly losses, the scale of wallet compromises remains significant. Chainalysis data reveals that individual wallet breaches accounted for about 20% of the total value stolen across the crypto landscape in 2025. Throughout the year, an estimated 158,000 wallet breaches affected at least 80,000 unique victims, a stark increase from the roughly 54,000 breaches recorded in 2022.
During the 2025 holiday season, Trust Wallet disclosed a security breach linked to a specific version of its browser extension, resulting in losses of around $7 million. In response, the company has initiated a compensation process for affected users. Trust Wallet”s CEO, Eowyn Chen, clarified that the temporary removal of the wallet”s browser extension from the Chrome Web Store was due to a platform-side issue encountered during a version update rather than a new security incident.
As the cryptocurrency landscape evolves, the need for enhanced security measures remains critical for users and service providers alike. Investors are urged to remain vigilant and take proactive steps to secure their digital assets against potential attacks.
