A U.S. investor has reported a staggering loss of over $3 million in XRP due to a recent crypto theft, prompting widespread discussion about the security of digital wallets. The incident, which unfolded in mid-October, has raised alarms among crypto holders regarding the safety of their assets and the steps necessary to protect them.
The affected investor, identified as Brandon, a 54-year-old retiree from North Carolina, discovered the shocking theft on October 15 when he checked his balance on the Ellipal mobile app. To his dismay, he found that over 1.2 million XRP had been transferred out of his wallet on October 12, a transaction he traced back to a series of small test transfers he had conducted prior to the loss.
Brandon had entrusted his retirement savings to XRP, with plans to use the funds to purchase a home in Las Vegas. Fortunately, he noted that other smaller amounts in different tokens, including $1,000 in XLM and $900 in FLR, remained untouched.
In an effort to understand the situation better, Brandon shared his experience on social media and filed a report with the FBI’s Internet Crime Complaint Center. Unfortunately, he encountered obstacles in reaching cybercrime experts quickly, leaving him frustrated in his attempts to recover his funds.
In a statement on October 18, Ellipal clarified that the theft occurred because the wallet’s seed phrase had been imported into its mobile app. The company emphasized that importing a seed phrase into any device with internet access effectively turns a cold wallet into a hot wallet, thereby compromising its security. A cold wallet, by design, remains offline and secure until the moment its seed phrase is added to an online application.
Brandon utilized the Ellipal app on both his iPhone and iPad, noting that the color of the app’s background indicated the connection type: blue for cold wallet and orange for hot wallet. This distinction was crucial, as Ellipal highlighted that the incident stemmed from the seed import process, not a flaw in their hardware devices.
Crypto analyst ZachXBT took to social media to provide updates on the situation, revealing that he had traced the stolen XRP using on-chain data. By analyzing transaction times and amounts, he corroborated Brandon’s timeline and noted that the funds had been quickly converted to other assets through a swap tool known as Bridgers. This method of conversion involved over 120 Ripple-to-Tron swaps, ultimately funneling the assets to a Tron wallet and then to over-the-counter brokers linked to Huione, a marketplace currently under U.S. scrutiny.
Experts have warned that once stolen funds are swapped and transferred through multiple channels, recovery becomes exceedingly difficult. ZachXBT cautioned that many recovery firms are not reliable and often charge exorbitant fees for limited assistance.
In light of this incident, the crypto community is urged to exercise caution, especially those managing significant holdings. ZachXBT emphasized the importance of swift action when dealing with theft, advising victims to report incidents to exchanges and law enforcement immediately to potentially freeze assets. However, the rapid movement of funds across different chains complicates recovery efforts.
Brandon hopes that by sharing his experience, he can help others avoid similar situations. He expressed deep concern over the loss, which has nearly depleted his retirement savings. Experts now recommend that users refrain from importing a cold wallet’s seed into a hot wallet and advise maintaining separate wallets for online and offline storage to enhance security.
This incident serves as a stark reminder of the vulnerabilities that can exist within the crypto ecosystem and the critical importance of maintaining best practices for wallet security.
