'hundreds' Of Evm Wallets Drained In Mysterious Attack: Zachxbt

The incident is potentially related to December's Trust Wallet hack, which left users drained of $7 million in cryptocurrency.

An attacker has drained "hundreds” of crypto wallets on Ethereum Virtual Machine (EVM) chains, siphoning small sums from each victim in what onchain investigator ZachXBT described as a broad but low-value exploit.

The losses appear limited on a per-wallet basis, with each victim losing less than $2,000, according to ZachXBT. The activity has affected wallets on several EVM-compatible networks, indicating a widespread incident rather than isolated to a single blockchain.

A fraudulent email disguised as legitimate communication from Web3 wallet MetaMask could have been the vehicle for the attack, said cybersecurity researcher Vladimir S., who cited a clue left by another pseudonymous X user.

“This looks like automated, wide-net exploitation,” cybersecurity provider Hackless said, warning users to revoke smart contract approvals and continue monitoring their wallets.

The widespread wallet drain attacker is potentially linked to the Trust Wallet hack that occurred on Christmas, Vladimir S. said, citing another pseudonymous X user.

The incident highlights the need for crypto holders to exercise online safety measures to protect their funds and sensitive information from constant and evolving cybersecurity threats.

Related: Losses from crypto hacks down 60% in December: PeckShield

The Trust Wallet was hacked on Dec. 25, causing $7 million in losses. About 2,596 wallets were compromised in the incident, according to Trust Wallet.

The incident likely occurred due to the “Sha1-Hulud” supply chain attack in November, which compromised npm software packages commonly used by crypto projects to build blockchain applications, according to Trust Wallet’s incident report.

Source: CoinTelegraph