Crypto Vulnerability: How an Inexperienced User Lost $3 Million in XRP Due to a Cold Storage Mistake

Criminals have made off with 1.2 million XRP, amounting to $3 million, from a user’s wallet in the United States. This incident was reported by the on-chain investigator ZachXBT.

According to him, on October 12, hackers placed over 120 conversion orders to exchange XRP for TRX via the aggregator Bridgers. By the 15th, they had consolidated all the funds on the Tron network and subsequently laundered them through over-the-counter exchanges linked to the largest illegal trading platform Huione.

ZachXBT noted that the victim was an inexperienced user, and the incident arose due to their mistake. The affected person believed they were using a cold wallet from Ellipal, but in reality, they were operating a hot wallet.

Ellipal’s developers commented on the incident, revealing that during an internal investigation, it was found that the user manually imported the seed phrase from their hardware wallet into a mobile application, thus creating a digital version of the wallet.

The user utilized the Ellipal app on two devices, but with different statuses:

The company insists that its devices maintain complete isolation and there have been no documented cases of compromise. Representatives state that the incident resulted from a misunderstanding and a critical error.

The expert believes the chances of recovering the assets are low. The user was unable to quickly connect with American law enforcement. Additionally, the Ripple community lacks an effective support system for victims, the investigator emphasized.

ZachXBT mentioned that systemic issues contribute to widespread cryptocurrency theft. Wallet manufacturers often make it difficult for users to understand the differences between custodial and non-custodial products.

“I frequently encounter major thefts through phishing disguised as Coinbase support, where victims, influenced by social engineering, transfer funds from their exchange accounts to a compromised Coinbase Wallet. Following this, some victims report that they were unaware of the differences between these products,” he wrote.

The problem is exacerbated by shortcomings in law enforcement. According to the expert, there is a shortage of qualified investigators who can handle such issues, while the influx of reports exceeds the authorities’ capacity.

The on-chain investigator considers the most effective jurisdictions to be the USA, the Netherlands, Singapore, and France. However, the ultimate result depends on the specific investigator, he clarified. In other countries, the process tends to be even less productive and excessively costly.

“Another lesson is that over 95% of companies offering recovery services are predatory and charge high fees for basic reports that contain little useful information,” the expert added.

Companies that rely heavily on SEO promotion are particularly aggressive. According to ZachXBT, they take on hopeless cases just to profit from desperate victims.

“Poor companies would halt tracking this XRP theft on Binance and generate a report recommending ‘contacting the exchange,’ when in reality, the Bridgers service was used, or they would fail to identify addresses associated with Huione,” he pointed out.

It’s worth noting that the total financial losses in the digital asset industry due to hacker attacks fell by 37% to $509 million in the third quarter, as reported by analysts at CertiK.