TL;DR
- Stealth Attack: Hackers drained $107K from 100+ wallets across EVM chains using small coordinated transactions, making detection harder.
- Security Risks: Losses under $2,000 per wallet bypass monitoring systems, exposing vulnerabilities in self-custody practices and multi-chain activity.
- Broader Exploits: December saw 26 breaches totaling $76M, including Trust Walletās $7M incident, showing persistent threats despite lower monthly totals.
A stealth crypto exploit has shaken the EVM ecosystem as blockchain investigator ZachXBT revealed that hackers drained more than $107K from over 100 wallets. The attack, marked by small but coordinated transactions, has raised urgent concerns about wallet security and the risks of self-custody across multiple chains. Unlike high-profile breaches targeting large balances, this incident spread quietly, siphoning amounts under $2,000 per wallet, making detection slower and response delayed. The scale and subtlety of the exploit highlight vulnerabilities that remain unresolved in decentralized finance.
HACKERS ARE QUIETLY STEALING FUNDS FROM EVERYDAY WALLETS ACROSS EVM CHAINSšØ
Researcher ZachXBT warns that hundreds of wallets are being drained across multiple EVM networks.
Most victims lose small amounts (under $2K), but the total stolen has already reached $107K.
The exactā¦ pic.twitter.com/Jl6DcI0JqE
— Zia ul Haque (@ImZiaulHaque) January 2, 2026
Coordinated Draining Across EVM Chains
On-chain data confirms the wallets affected span several EVM-compatible networks, ruling out a single-chain issue. The consistency in transaction size and timing points to a coordinated effort rather than random thefts. Investigators have tracked funds being routed to related addresses, suggesting a single actor or group is behind the activity. While hundreds of users have been impacted, no specific wallet provider, protocol, or smart contract vulnerability has yet been identified. This uncertainty leaves the community on edge, awaiting clarity on the exploit vector.
Why Small Losses Matter
Though individual losses remain below $2,000, the broader risk lies in the method. By targeting many wallets for limited sums, attackers bypass detection and delay user response. This strategy underscores ongoing risks for self-custody users who interact across multiple chains. The incident arrives amid heightened scrutiny of wallet security following several high-profile exploits in late 2025, reinforcing concerns around approvals, permissions, and private key exposure within the EVM ecosystem.
Broader Pattern of Crypto Exploits
December alone recorded around 26 major crypto exploits, resulting in approximately $76 million in losses, according to PeckShield. While this marked a decline from Novemberās $194 million, exploit activity remains persistent. One notable case involved Trust Wallet, which suffered a $7 million breach tied to its browser extension. Trust Wallet has since begun compensating affected users and rolled out updates to improve verification and reimbursement processes.
Ongoing Investigation and User Precautions
ZachXBT emphasized that the situation is still developing, with no confirmed exploit vector identified. Investigators continue tracking fund movements, urging users to remain alert. The event serves as a reminder that even routine wallet activity carries risk in a rapidly evolving threat environment. As attackers focus on stealth rather than scale, vigilance and proactive security measures are critical for users navigating decentralized finance.
