282 million dollars stolen: how modern hackers operate in 2025

A hacker managed to steal cryptocurrencies valued at $282 million through a targeted social engineering attack against a hardware wallet. The incident, carried out on January 10th, represents a landmark case of how hackers are evolving their tactics in 2025, prioritizing the human factor over technical failures. This massive theft highlights a growing trend where hackers discard traditional attack vectors to focus on psychological manipulation.

The Attack: Bitcoin and Litecoin Theft via Social Engineering

The hacker specifically targeted a victim who owned a hardware wallet, stealing 1,459 bitcoins (BTC) and 2.05 million litecoins (LTC). According to the specialized investigator ZachXBT, the funds were quickly exchanged for monero (XMR), a privacy-focused cryptocurrency that facilitates hard-to-trace transactions. The speed of the operation is remarkable: the hacker converted most of the loot into XMR within hours, using multiple instant exchanges.

At current prices, the total amount reaches approximately $282 million, considering BTC trades around $78.74K and LTC at $59.50. The value of the theft underscores that this was not a random attack but a targeted operation aimed precisely at a high-net-worth individual.

The Money Trail: Movements Between Blockchains

A sophisticated strategy employed by the hacker was to split the funds across multiple networks. Part of the bitcoin was transferred to Ethereum, Ripple, and Litecoin using Thorchain, a protocol that facilitates cross-chain swaps. This level of technical sophistication suggests that the hacker possesses advanced knowledge of crypto infrastructure, not just social manipulation skills.

ZachXBT dismissed the involvement of North Korean actors, initially ruling out the hypothesis of an organized cybercriminal group sponsored by states. The massive movement of XMR during the four days following the theft caused a 70% increase in monero’s price, a pattern that hints at when the hackers began liquidating their gains.

Trend 2025: Hackers Choose Social Engineering as Their Main Weapon

The incident on January 10th aligns with a concerning trend detected in 2025: hackers are gradually abandoning technical hacking in favor of social engineering as their dominant attack vector. A social engineering attack typically involves the attacker impersonating a trusted employee or legitimate contact, gaining the victim’s trust before persuading them to reveal sensitive information such as private keys or access credentials.

A few days before this incident, on January 5th, hardware wallet provider Ledger suffered a massive data breach resulting from unauthorized access, exposing user names and contact information. Such breaches provide hackers with target directories of potential victims holding cryptocurrencies, enabling more targeted social engineering campaigns. The combination of exposed data and psychological manipulation tactics creates an increasingly vulnerable scenario for individuals and companies in the crypto sector.

How to Protect Yourself? Experts Warn About These Attacks

The sophistication of the attack raises fundamental questions about the victim profile: experts still do not know whether it was an individual cryptocurrency holder or a company. Regardless, the event underscores the need to implement psychological defenses alongside technical ones.

Modern hackers are trained in persuasion techniques that surpass technical security. In response, specialists recommend: verify identities through independent channels, never share private keys under pressure, and implement multi-factor confirmations requiring physical validation. In 2025, user education is positioned as the critical frontier in defending against hackers who prioritize manipulation over technology.