Bitcoiner Loses $91M in Social Engineering Attack
Crypto's latest cautionary tale just dropped—and it's a $91 million gut punch.
The Setup
Social engineers pulled off a masterclass in psychological manipulation, bypassing technical safeguards through pure human hacking. No smart contract exploits, no blockchain vulnerabilities—just old-fashioned deception executed with digital precision.
The Aftermath
Another brutal reminder that the weakest link in crypto security isn't in the code—it's between the chair and the keyboard. While decentralized protocols battle for bulletproof perfection, human psychology remains the ultimate attack vector.
Finance's cold truth: The market will happily separate fools from their money—with or without permissionless networks. Maybe add 'social engineering resistance' to your investment thesis checklist.
Details of the attack
According to blockchain data, the theft occurred on Tuesday at 11:06 am UTC.
The stolen Bitcoin was quickly moved to a privacy-focused Wasabi Wallet, with laundering activities starting the following day.
Social engineering attacks like this involve deceiving individuals into revealing sensitive information, such as private keys or passwords, ultimately leading to loss of funds. ZachXBT advised:
“Assume that every call or email received is a scam by default.”
Suspects and laundering tactics
While ZachXBT did not identify specific suspects, he ruled out the North Korean Lazarus Group.
The attacker initially received the funds at a clean address before attempting to obscure the trail using Wasabi Wallet’s privacy features.
Notably, the attack happened exactly one year after the $243 million Genesis creditor theft.
Impersonation of hardware wallet providers
Scammers have increasingly impersonated hardware wallet companies such as Ledger and Trezor.
In April, fraudulent actors sent letters claiming to be from Ledger, urging users to provide their recovery seed phrases under the pretense of a security update.
These tactics have targeted both experienced investors and less tech-savvy individuals.
Crypto theft remains widespread
Blockchain security firm CertiK reported that over $2.1 billion has been stolen in bitcoin-related attacks in the first five months of 2025, with major incidents including the $1.4 billion Bybit exploit.
The majority of losses stem from compromised wallets and phishing attacks, underscoring the ongoing risks in the industry.
