Hundreds of crypto wallets have been drained across multiple EVM compatible blockchains in an ongoing attack that has yet to be fully understood. The activity was flagged by onchain investigator ZachXBT, who reported that the attacker is targeting a large number of wallets with relatively small losses per victim, typically below two thousand dollars. While individual thefts appear limited, the cumulative impact has continued to rise, with total losses estimated at more than one hundred thousand dollars so far. The pattern suggests a broad sweep rather than a targeted exploit, increasing concern that more wallets could be affected. At the time of reporting, the point of entry used by the attacker had not been identified, leaving uncertainty around whether the exploit stems from compromised keys, malicious approvals or another shared vulnerability across EVM ecosystems.
Investigators have not publicly identified the attacker, though a suspicious address has been flagged and is being monitored as part of the ongoing analysis. The lack of a clear root cause has raised alarms among users and developers, particularly as EVM chains share common tooling and wallet infrastructure that can amplify the reach of certain exploits. The incident adds to a broader pattern of security challenges facing the crypto industry, where attackers increasingly favor high volume low value strategies that rely on scale rather than single large breaches. According to data shared by blockchain security firm PeckShield, December alone saw more than two dozen major crypto exploits, resulting in losses of around seventy six million dollars. Although that figure represented a decline from November, it underscores the persistent risk environment entering the new year.
The latest wallet draining activity follows several high profile security incidents involving widely used wallet software. In late December, Trust Wallet experienced a security issue linked to a specific version of its browser extension, leading to losses estimated at roughly seven million dollars. The company has since begun a compensation process and introduced additional verification features to assist affected users. These events have renewed calls for stronger security practices, clearer user education and faster incident response across the ecosystem. While the financial impact of the current attack remains relatively contained, its unresolved nature highlights ongoing vulnerabilities in wallet usage and transaction authorization. Market participants are watching closely for further updates, as identifying the attack vector will be critical to preventing additional losses and restoring confidence among everyday users.
