- Hackers stole $2.3M via private key leak, swapped funds for ETH, and used Tornado Cash to hide transactions.
- Phishing scams and address tricks are rising; even small errors can lead to millions lost.
- Hardware wallets, careful address checks, and employee training are critical for crypto safety.
Crypto security alarms are ringing after wallets 0x1209…e9C and 0xaac6…508 were compromised, causing a loss of roughly $2.3 million in USDT. PeckShieldAlert reported the attack, attributing it to a private key leak. The hacker quickly swapped the stolen USDT for 757.6 ETH and laundered it through Tornado Cash.
Consequently, tracing the funds has become extremely difficult. Wallet 0xaac6…508 alone transferred about $1.8 million, while 0x1209…e9C sent $506,000, both funneling to a single malicious address. This incident highlights the growing risk of private key vulnerabilities in crypto transactions.
Besides this attack, December has seen multiple large-scale losses. On December 20, a victim fell for a phishing scam known as address poisoning, losing nearly $50 million. The attacker tricked the victim by copying the starting and ending characters of a legitimate wallet. After a small test transfer of 50 USDT, the victim sent 49,999,950 USDT to the fake address.
Additionally, on December 18, a whale’s multi-signature wallet lost $27.3 million due to a private key compromise, with part of the funds also routed through Tornado Cash. These consecutive incidents reveal how attackers exploit both human error and technical loopholes.
How Individuals Can Stay Safe
Users should be very careful. They can do this by ensuring to never share private keys or recovery phrases with anyone. Moreover, storing keys offline using hardware wallets drastically reduces exposure to attacks.
Double-check wallet addresses before large transfers. Also, it is advisable to be alert in order to be safe against suspicious messages, links, or emails asking for wallet access. Consistent vigilance and safe practices help prevent devastating losses.
Corporate Responsibilities in Crypto Security
For crypto businesses, risks amplify. Companies should use robust secrets management tools to secure private keys. Limit wallet access strictly to essential personnel and rotate keys regularly.
Additionally, monitoring wallet activity for unusual behavior can help catch attacks early. Employee education on phishing and social engineering remains critical. Consequently, maintaining security protocols builds trust in platforms and protects significant sums.
