Bitcoin News Today: "Stolen $91M Exposes Crypto’s Fatal Flaw: Trust in the Wrong Hands"

Generated by AI AgentCoin World
Thursday, Aug 21, 2025 8:28 pm ET2min read
BTC
--
Aime RobotAime Summary

- A Bitcoin investor lost $91M via a social engineering attack after being tricked into surrendering wallet credentials to impersonators posing as support staff.

- Attackers laundered 783 BTC ($91.4M) through Wasabi Wallet, mirroring tactics used in a $243M theft from Genesis creditors last year.

- Crypto thefts surged to $2.1B in early 2025, with wallet compromises and phishing accounting for most losses, including Bybit's $1.4B breach.

- Experts warn of rising state-backed cybercrime networks (e.g., North Korean actors) and urge stronger verification to combat untraceable digital thefts.

A

Bitcoin
investor lost $91 million in a single transaction after falling victim to a social engineering attack on August 19, as revealed by pseudonymous blockchain investigator ZachXBT. The victim was deceived by individuals posing as support representatives from a hardware wallet provider and a cryptocurrency exchange, who convinced them to hand over access to their wallet credentials. The attack resulted in the transfer of 783 BTC, which equated to $91.4 million at the time of the incident [1].

Blockchain data indicates that the theft occurred at 11:06 am UTC, with the stolen funds being laundered a day later through the Bitcoin privacy-focused Wasabi Wallet to obscure the trail [2]. The attacker deposited the funds into a clean Bitcoin wallet address—“bc1qyxyk”—before using Wasabi’s features to anonymize the transaction. The move mirrors previous attacks, with ZachXBT noting that this incident occurred exactly one year after the $243 million Genesis creditor theft, which also involved similar impersonation tactics [3].

Social engineering attacks have become increasingly prevalent in the crypto space, exploiting victims ranging from experienced investors to elderly users. These schemes often involve attackers impersonating customer support agents or urging users to reveal private keys or reset two-factor authentication. ZachXBT emphasized the importance of treating all unsolicited communications—especially those requesting personal information—as potential scams [1].

The stolen $91 million incident is part of a broader trend of rising crypto-related thefts. According to data from blockchain security firm CertiK, over $2.1 billion was stolen through crypto-related attacks in the first five months of 2025, with wallet compromises and phishing accounting for the majority of losses. The most significant breach was the $1.4 billion exploit of crypto exchange Bybit in February, highlighting the vulnerability of even well-audited platforms [1].

ZachXBT also ruled out the involvement of the North Korean state-backed Lazarus Group in this particular attack, despite their prior association with large-scale crypto thefts. However, the report highlights broader concerns about state-backed cybercriminal networks, particularly those linked to North Korea. A separate investigation into a $680,000 theft in June revealed how a small group of North Korean IT workers used false identities to infiltrate crypto projects, posing as legitimate developers [2].

The attack underscores the growing need for individuals and institutions to adopt more robust verification and security measures, particularly when dealing with sensitive financial information. ZachXBT has repeatedly stressed the importance of treating all unsolicited communications with suspicion and urged crypto platforms to improve their hiring and vetting processes to prevent infiltration by malicious actors [3].

As crypto crime continues to evolve, the industry faces significant challenges in mitigating risks. With stolen funds often difficult to trace and recover, victims frequently find themselves without legal recourse, particularly when perpetrators operate in uncooperative jurisdictions or are minors. This situation has led to calls for improved international cooperation and more comprehensive regulatory frameworks to address the growing threat of digital theft and social engineering attacks [4].

Source:

[1] ZachXBT (https://cointelegraph.com/news/bitcoiner-loses-91m-social-engineering-attack-zachxbt)

[2] Inside the North Korean crypto worker network linked to $680k hack (https://blockchaintechnology-news.com/news/inside-the-north-korean-crypto-worker-network-linked-to-680k-hack/)

[3] Crypto's biggest sleuth has 10 shocking questions on hacks (https://www.thestreet.com/crypto/innovation/cryptos-biggest-sleuth-has-10-shocking-questions-on-hacks)

[4] Victim Loses $91M in Bitcoin in Social Engineering Scam (https://finance.yahoo.com/news/victim-loses-91m-bitcoin-social-181358791.html)