A coordinated wave of cryptocurrency theft is quietly unfolding across multiple blockchain networks.
ZachXBT, a well-known blockchain sleuth, has flagged an ongoing series of wallet-draining incidents that have already affected hundreds of users. While individual losses remain relatively small, the cumulative impact continues to grow as more compromised wallets are uncovered.
Hundreds of Users Affected by Low-Value Drains
According to information shared by ZachXBT, the attack has targeted hundreds of wallet addresses, with most victims losing less than $2,000 each. This approach appears designed to keep individual losses below the threshold that typically draws immediate attention.
However, when viewed in aggregate, the damage is more substantial. Current on-chain estimates put total losses at approximately $107,000, a figure that continues to climb as investigators identify additional affected wallets.
Losses Spread Across Major EVM Networks
As investigators traced the stolen funds, a clear multi-chain pattern emerged. Specifically, the attacker operates across several EVM-compatible networks rather than focusing on a single blockchain.
Data from a dashboard shared by ZachXBT shows Ethereum bearing the largest share of losses, with roughly $54,655 drained. BNB Chain follows with approximately $25,545 stolen. Additional losses have been recorded on Base ($8,688), Arbitrum ($6,273), and Polygon ($3,498).
Beyond these networks, smaller amounts have also been siphoned from Optimism, Ink, Zora, Linea, and Manta Pacific, further reinforcing the broad reach of the activity.
No Clear Entry Point Identified So Far
Despite the growing volume of data, investigators have yet to identify a definitive cause. ZachXBT has noted that no specific wallet provider or decentralized application has been conclusively linked to the drains.
Moreover, the pattern of the theft suggests a high degree of automation rather than isolated compromises. Funds are being extracted in small, systematic increments, which points to potential exposure of private keys or misuse of token approvals. For now, however, no confirmed technical explanation has been established.
As part of the ongoing investigation, ZachXBT identified a single address as the primary collection point for the stolen assets:
0xAc2e5153170278e24667a580baEa056ad8Bf9bFB
Consequently, users are advised to review their transaction histories on tools such as Etherscan or BscScan. Any interaction with this address could indicate exposure to the draining activity.
Incident Follows Trust Wallet Extension Breach
Notably, the alert arrives only days after ZachXBT helped uncover a separate and more severe security incident involving the Trust Wallet browser extension. In that case, a malicious update identified as version 2.68 enabled unauthorized fund withdrawals directly from user wallets.
ZachXBT’s early findings indicated that the incident was not phishing-related, but rather, a supply-chain compromise. Ultimately, the breach resulted in approximately $7 million in losses.
Subsequently, Trust Wallet confirmed the issue and has since begun issuing refunds to users whose losses have been verified.
DisClamier: This content is informational and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not reflect The Crypto Basic opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
Bitcoin 
Ethereum 
Tether 
XRP 
BNB 
USDC 
TRON 
Lido Staked Ether 
Dogecoin 
Figure Heloc 