Warning Issued: Hundreds of Wallets Drained in Cross-Chain Attack, ZachXBT Alerts

Crypto users are on high alert following a warning from prominent on-chain investigator ZachXBT about an active exploit draining hundreds of wallets across multiple Ethereum Virtual Machine (EVM)-compatible blockchains.

The attack, flagged on January 2, 2026, targets a wide range of wallets, siphoning relatively small amounts—usually under $2,000 per victim—to evade quick detection. Total losses have already surpassed $107,000, with the figure continuing to climb as the incident remains unresolved. The root cause is still unidentified, and investigators note it does not appear to stem from a single protocol hack, typical phishing scam, or specific dApp vulnerability.

ZachXBT highlighted the issue via his investigations channel, prompting widespread alerts in the community. Affected chains include Ethereum, BNB Chain, Base, Arbitrum, Polygon, and others, involving various tokens like ETH, BNB, RON, stablecoins, and memecoins. A suspicious consolidation address (0xAc2e5153170278e24667a580baEa056ad8Bf9bFB) has been identified, but the entry point—possibly related to lingering token approvals, blind signatures, or compromised permissions—remains unclear.

This incident underscores persistent security challenges in self-custody wallets, where unnoticed small transactions can accumulate into significant losses.

**How to Protect Yourself**
Crypto holders should take immediate steps:
1. **Revoke Approvals** — Use tools like revoke.cash or Etherscan’s token approval checker to cancel old or suspicious permissions.
2. **Monitor Activity** — Regularly check wallets for unauthorized transactions via explorers like Etherscan or DeBank.
3. **Avoid Blind Signatures** — Never approve unknown transactions; use simulation tools like Pocket Universe.
4. **Use Hardware Wallets** — Store larger holdings offline for added security.
5. **Stay Updated** — Follow reliable sources like ZachXBT for real-time developments.
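
For steps 1 and 2, the following added example (not from the article or from any of the tools named above) replays ERC-20 `Approval` event logs, in the JSON shape returned by `eth_getLogs`, to list the allowances a wallet has granted and never revoked. The function names and every address in the sample data are constructed placeholders.

```python
# Added example; all addresses below are constructed placeholders.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1  # the "infinite approval" value many dApps request

def addr(topic):
    """An indexed address is a left-padded 32-byte topic; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def live_allowances(logs, owner):
    """Replay Approval logs in chain order; return {(token, spender): last approved amount}."""
    state = {}
    order = lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))
    for log in sorted(logs, key=order):
        t = log["topics"]
        # ERC-721 Approval has the same topic0 but 4 topics; only ERC-20 is handled here.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC or addr(t[1]) != owner.lower():
            continue
        key = (log["address"].lower(), addr(t[2]))
        amount = int(log["data"], 16)
        if amount == 0:
            state.pop(key, None)   # approve(spender, 0) is a revocation
        else:
            state[key] = amount    # upper bound; on-chain allowance() is authoritative
    return state

def findings(logs, owner):
    """Sorted list of (token, spender, 'UNLIMITED' or amount) still needing review."""
    return sorted((tok, sp, "UNLIMITED" if amt == UNLIMITED else amt)
                  for (tok, sp), amt in live_allowances(logs, owner).items())

def make_log(block, idx, token, owner, spender, amount):
    """Build one constructed log entry in eth_getLogs shape."""
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": token, "blockNumber": hex(block), "logIndex": hex(idx),
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x")}

OWNER, OTHER = "0x" + "11" * 20, "0x" + "22" * 20
TOKEN_A, TOKEN_B = "0x" + "aa" * 20, "0x" + "bb" * 20
SPENDER_X, SPENDER_Y = "0x" + "c1" * 20, "0x" + "c2" * 20
SAMPLE_LOGS = [  # constructed, deliberately out of order
    make_log(18, 1, TOKEN_A, OWNER, SPENDER_Y, 0),          # later revocation of Y
    make_log(16, 0, TOKEN_A, OWNER, SPENDER_X, UNLIMITED),  # never revoked
    make_log(17, 0, TOKEN_A, OWNER, SPENDER_Y, 500),
    make_log(18, 0, TOKEN_B, OWNER, SPENDER_X, 250),
    make_log(19, 0, TOKEN_B, OTHER, SPENDER_X, UNLIMITED),  # different wallet
]

if __name__ == "__main__":
    for tok, sp, amt in findings(SAMPLE_LOGS, OWNER):
        print(f"token {tok} spender {sp} allowance {amt}")
```

Each EVM chain keeps its own approval state, so the same replay has to be run per chain, and every entry it reports is a candidate for revocation.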

As the exploit is ongoing, vigilance is key. While not as dramatic as major bridge hacks, these “silent” drains highlight why routine security hygiene is essential in DeFi. Users are urged to act swiftly to minimize risks.