Active Cross-Chain Attack Drains Over $107K From Hundreds of Crypto Wallets

Source: DefiPlanet Original Title: Active Cross-Chain Attack Drains Over $107K From Hundreds of Crypto Wallets Original Link: https://defi-planet.com/2026/01/active-cross-chain-attack-drains-over-107k-from-hundreds-of-crypto-wallets/

Quick Breakdown

• A live cross-chain exploit has drained over $107K from hundreds of wallets across EVM-compatible blockchains
• Attackers are targeting many small wallets, using tactics similar to address poisoning and key compromise
• Recent breaches show crypto’s biggest threat is shifting from smart contracts to human-layer security

A live cross-chain exploit is draining funds from hundreds of crypto wallets across multiple EVM-compatible blockchains, with total losses now exceeding $107,000 and still rising.

Blockchain investigator ZachXBT raised the alarm early Friday, noting that while individual losses are relatively small, often below $2,000 per wallet, the scale and coordination of the attack suggest a far more serious underlying threat.

What we know so far

According to ZachXBT, the exploit appears to be linked to a suspicious wallet address believed to be connected to the ongoing thefts. Victims are spread across several EVM chains, indicating a highly coordinated operation.

The investigator is actively compiling verified victim addresses and has urged affected users to reach out directly as the situation continues to unfold.

Rather than targeting a single high-value wallet, the attackers are draining numerous smaller wallets, a strategy that allows them to quietly extract funds while avoiding immediate detection.

Multi-Chain strategy raises red flags

Security researchers say the attack’s cross-chain execution points to sophisticated infrastructure, enabling threat actors to operate simultaneously across multiple networks.

The pattern mirrors recent crypto scams involving address poisoning and private-key compromises, where attackers exploit user behaviour or leaked credentials instead of smart contract flaws. Experts warn that this distributed approach maximizes overall gains while buying attackers time before victims can react.

Wallet security breach underscores growing security risks

The warning comes shortly after a recent Christmas Day breach, which drained roughly $7–$8.5 million from users following the installation of a malicious browser extension.

Investigations revealed that a compromised version of the extension contained hidden code that harvested users’ recovery phrases. The malicious release passed security review processes, allowing it to appear legitimate while enabling attackers to siphon funds across Ethereum, Bitcoin, and Solana.

The incident was traced to a wider supply-chain attack that exploited leaked credentials and compromised API keys, bypassing internal approval systems entirely.