$330 Million Bitcoin Heist Hits Elderly U.S. Citizen in Fifth-Largest Crypto Theft Ever
Hackers Exploit Social Engineering, Launder BTC Through 300 Wallets and 20+ Exchanges
Sophisticated Fraud Strips Retiree of Over 3,500 BTC
An elderly American citizen has become the victim of one of the largest cryptocurrency thefts in history, losing 3,520 Bitcoin worth $330.7 million in a targeted social engineering attack. The theft, uncovered by blockchain investigator ZachXBT on April 30, 2025, is now ranked as the fifth-largest crypto heist to date.
The attack occurred on April 28, when the stolen BTC—held by the victim since 2017 with no history of large transactions—was swiftly siphoned off and disguised through a complex laundering scheme involving over 300 wallets and more than 20 exchanges.
Monero Used to Obscure Tracks After Bitcoin Theft
Immediately after the theft, the stolen Bitcoin was routed through a “peel chain,” a laundering technique where large sums are fragmented into small, less traceable pieces. These chunks were then funneled through instant exchanges and crypto mixers, with a significant portion ultimately swapped for Monero (XMR)—a privacy coin known for its untraceable transactions.
“$330M in BTC was received in two transactions, then immediately distributed via peel chains,” said Yehor Rudytsia, onchain researcher at Hacken.
Rudytsia confirmed that Hacken’s monitoring tool, Extractor, has tracked $284 million worth of the stolen BTC, though that figure has now diminished to around $60 million following repeated redistribution.
The hacker’s sudden conversion to Monero led to a 50% spike in XMR’s price, briefly pushing it to $339, according to market data. “Once funds are swapped into Monero, tracing becomes virtually impossible,” noted Hakan Unal of Cyvers Alerts.
Preplanned, Automated and Highly Coordinated Operation
Investigators believe the attacker operated with a high degree of premeditation, using pre-existing accounts across multiple exchanges and OTC desks to disperse the funds quickly and avoid detection.
A small portion of the Bitcoin was also bridged to Ethereum and deposited into DeFi platforms, creating additional layers of complexity. Efforts are underway to alert centralized exchanges and freeze suspicious wallets.
“The major issue in these cases is the delay in law enforcement procedures, making timely freezes nearly impossible,” Rudytsia said, comparing it to the 4,064 BTC stolen from Genesis creditors in 2024.
Laundering Methods Unusual — No North Korea Link Confirmed
Despite the scale and precision of the operation, investigators have not linked the heist to any known groups, including North Korea’s Lazarus Group, which was responsible for the $1.5 billion Bybit hack earlier this year.
“The methods used here are automated and sophisticated, but they don’t resemble Lazarus Group’s known tactics,” added Unal.
He stressed the importance of multisignature wallets, rotating private keys, and offline cold storage to safeguard large crypto holdings, especially for individuals with significant long-term positions.
Q1 Crypto Hacks Top $1.6 Billion
This case is part of a broader trend. In Q1 2025 alone, hackers stole over $1.6 billion in cryptocurrency, according to a PeckShield report. The majority of losses—over $1.5 billion—were due to the Bybit hack, but the theft from the elderly American underscores the growing sophistication of independent actors.
Share This
