$282 million in cryptocurrency stolen through social engineering: a new threat trend for 2025

The largest cryptocurrency theft of early January involved social engineering tactics against a hardware wallet owner. The attacker gained access to the victim’s private keys, stealing 2.05 million Litecoin (LTC) and 1,459 Bitcoin (BTC) with a total value of $282 million. The incident occurred on January 10 at 23:00 UTC and once again confirmed that social engineering has become one of the main vectors of attack on cryptocurrency assets.

How social engineering helped the hacker gain access to the crypto wallet

According to information from well-known blockchain researcher ZachXBT, the attacker did not use standard hacking techniques or network exploits. Instead, they employed a classic social engineering tactic — impersonating an employee of a trusted company, gaining the victim’s trust, and convincing them to disclose confidential login information or the private key of the wallet.

This technique is one of the most effective because it targets human psychology rather than hardware vulnerabilities. After gaining access, the hacker freely seized all of the victim’s digital assets.

Route of stolen funds: quick conversion and cover-up of traces

The stolen funds were immediately exchanged for the private coin Monero (XMR), which caused a noticeable increase in its price. Within four days of the theft, the value of XMR rose by 70%, reaching $432.64. Some of the Bitcoin was also transferred via the cross-chain DEX Thorchain to other blockchains (Ethereum, Ripple, Litecoin), complicating the tracking of the funds.

ZachXBT analyzed the transaction chain and concluded that there are no signs of involvement by North Korean state hackers, as sometimes suspected in similar cases. It was more likely an act by an individual criminal or a small criminal group focused on social engineering.

Social engineering becomes the main threat to the cryptocurrency sector in 2025

This incident is not an exception but part of a growing trend. At the end of December 2025, analysts noted that social engineering had taken the top spot among attack methods on crypto assets, surpassing even technical vulnerabilities. This is also confirmed by the recent Ledger data leak on January 5, when cybercriminals gained unauthorized access to personal information of hardware wallet users — their names, addresses, and contact details.

Such data is an ideal starting point for social engineering: an attacker can impersonate a Ledger representative and persuade the user to transfer their assets or disclose passwords.

Uncertainty about the victim’s status and prospects for 2026

It remains unknown whether the victim was a private investor or an employee of a company with access to the corporate crypto storage. However, the scale of the theft suggests that it was either a very wealthy private individual or an organization.

For comparison: current BTC prices are around $78.50K, and LTC is trading at about $59.53. Even at today’s prices, the stolen assets are worth significantly less than their original value in January, indicating long-term damage to the victim.

Experts warn that as the cryptocurrency market grows, social engineering will remain a top threat, requiring users to stay vigilant and employ multi-layered security measures when storing digital assets.