Hundreds of Crypto Wallets Drained Across EVM Chains; Root Cause Remains Unidentified, Reports ZachXBT
January 2, 2026 – An ongoing wave of cyberattacks has led to the draining of hundreds of cryptocurrency wallets across multiple Ethereum Virtual Machine (EVM) compatible blockchains, with losses currently estimated at approximately $107,000 and continuing to rise. The onchain investigator known as ZachXBT provided the latest updates via his Telegram channel, highlighting the widespread nature and persistent threat of these exploits.
According to ZachXBT, the attacker is systematically targeting a large number of wallets but extracting relatively small sums from each—typically under $2,000 per victim. While individually modest, the aggregated theft is significant and growing. Despite thorough investigations, the precise point of entry exploited by the attacker remains unidentified, leaving the possibility of additional wallet breaches open.
The culprit behind the attack has not been publicly confirmed; however, ZachXBT has drawn attention to a suspicious Ethereum address associated with the activities: 0xAc2e5153170278e24667a580baEa056ad8Bf9bFB. Authorities and blockchain security experts are continuing to monitor the situation closely.
This incident adds to a broader trend of increased cybersecurity challenges faced by the cryptocurrency sector. According to Blockchain security firm PeckShield, December 2025 recorded approximately 26 major crypto exploits, resulting in losses totaling around $76 million. While this figure marks a notable 60% decline from November’s $194.27 million in stolen assets, the trend nevertheless underscores ongoing vulnerabilities in blockchain infrastructure.
Among December’s most high-profile security breaches was the Trust Wallet exploit over the Christmas holiday period, which led to an estimated $7 million lost due to a flaw in a specific version of its browser extension. Trust Wallet has since initiated a compensation process for those affected. The company’s CEO, Eowyn Chen, addressed community concerns, explaining that their browser extension was temporarily removed from the Chrome Web Store due to issues arising from a recent version update. The updated extension includes a new feature to assist users submitting reimbursement claims by verifying wallet ownership through direct code submission.
As the cryptocurrency community grapples with these recurrent security incidents, users are urged to exercise heightened caution with wallet management and third-party extensions. The continued investigations into the ongoing wallet drains across EVM chains aim to uncover the root cause and prevent further losses.
The Block remains committed to delivering timely and objective coverage of developments within the digital asset space. Readers are reminded that this news is for informational purposes and not to be considered legal, financial, or investment advice.
For ongoing updates and detailed reports, stay tuned to The Block’s news feed.
— The Block Editorial Team