A significant security breach involving a U.S.-based cryptocurrency user has resulted in the loss of approximately $3.05 million, equivalent to 1.2 million XRP. The incident occurred after the user’s Ellipal wallet was compromised, leading to the illicit laundering of the stolen funds through over-the-counter networks connected to Huione in Southeast Asia.
Blockchain investigator ZachXBT provided a detailed timeline of the events in a thread on social media platform X. He reported that on October 12, the attacker executed 120 Ripple-to-Tron swaps using bridging services formerly known as SWFT. This process allowed the attacker to consolidate the stolen assets on the Tron network before reallocating them to OTC addresses associated with Huione within just three days.
The investigation further revealed that the laundering operation tied back to entities within the Huione Group, an organization recently classified by the U.S. Financial Crimes Enforcement Network (FinCEN) as a “foreign financial institution of primary money-laundering concern.”
According to ZachXBT, the victim’s lack of experience may have been a contributing factor to the incident. The user seemingly misunderstood the security features of the wallet, mistakenly believing it functioned as a secure offline cold wallet. In reality, it operated as a hot wallet, exposing it to internet vulnerabilities.
The breach led to a swift depletion of funds, observable on various block explorers as transactions moved through liquidity endpoints associated with Binance, utilizing the infrastructure provided by Bridgers.
ZachXBT expressed concern over the low likelihood of fund recovery, pointing to the limited abilities of law enforcement agencies to pursue cryptocurrency crimes that span multiple jurisdictions. He has called for more stringent controls from centralized exchanges and stablecoin issuers to combat illicit financial flows through OTC channels.
This situation continues to develop, highlighting ongoing challenges in safeguarding digital assets amid increasing sophistication in cryptocurrency-related criminal activities.
