Hundreds of long-dormant Ethereum wallets were recently drained into a single tagged address, sparking one of the most pressing crypto security warnings of the week. The incident, first flagged by WazzCrypto on April 30, involved wallets that had remained untouched for years—some dating back to Ethereum’s early era.
Over 260 ETH (approximately $600,000) was stolen from these accounts, with total losses exceeding $800,000 across more than 500 wallets. Many of these wallets had been idle for four to eight years, making the breach particularly alarming.
The drained funds were consolidated into the address tagged Fake_Phishing2831105 on Etherscan, which has recorded 596 transactions. Notably, 324.741 ETH was transferred to the THORChain Router v4.1.1 around the time of the incident.
The critical question remains: How were these wallets compromised? Investigators have not yet identified the attack vector, leaving multiple theories under discussion:
- Weak entropy in legacy wallet tools
- Compromised mnemonics or seed phrases
- Trading-bot key mismanagement
- Exposure during the LastPass breach era
- Exploitation of outdated key-handling tools
One affected user publicly suggested that the LastPass breach may have played a role in the wallet drain.
This incident underscores a key security principle: idle wallets are not safe wallets. The risk depends on the entire history of the private key, including its generation, storage, and any software or services that handled it. Users are advised to:
- Inventory high-value old wallets
- Transfer funds only after securing new key material via trusted hardware or modern wallet software
- Avoid entering old seed phrases into recovery tools or unfamiliar scripts
- Revoke token approvals to mitigate protocol-level exposure
The wallet drain occurred amid a surge in crypto exploits in April, which saw 28 to 30 incidents and losses exceeding $625 million. As of May 1, DefiLlama reported $635,241,950 in stolen funds for the month. Security experts warn that these incidents highlight vulnerabilities in control surfaces that most users rarely inspect.
While the incidents are not directly linked, they collectively expose weaknesses in key management and protocol security. The broader crypto community is now urged to reassess wallet security practices to prevent similar breaches in the future.