美國老年人在社會工程駭客上損失了3.3億美元的比特幣，這是現在是第五大加密搶劫

OnChain調查員Zachxbt說，攻擊者採用了先進的社會工程策略來獲得受害者的錢包。

An elderly US individual has reportedly become the victim of a devastating $330 million Bitcoin heist, ranking as the fifth-largest crypto hack in history.

據報導，一名老年人已經成為毀滅性的3.3億比特幣搶劫案的受害者，被列為歷史上第五大加密貨幣駭客。

The attacker, who used advanced social engineering tactics to gain access to the victim’s wallet, has been identified by onchain investigator ZachXBT.

攻擊者使用先進的社會工程策略來獲取受害者的錢包，已由Onchain調查員Zachxbt確定。

The hack, which occurred on April 28, saw the attacker steal 3,520 Bitcoin (BTC), valued at $330.7 million at the time of the theft, and quickly launder the stolen stash using over six instant exchanges to swap it into privacy-focused cryptocurrency Monero (XMR).

該黑客發生於4月28日，襲擊者偷走了3,520比特幣（BTC），盜竊時價值3,3070萬美元，並迅速使用超過六個即時交換來迅速洗過被盜的藏匿處，將其交換為以隱私為中心的密碼貨幣蒙羅內羅（XMR）。

Onchain data reveals that the victim, an elderly individual based in the US, had been holding the Bitcoin in a single wallet since 2017.

OnChain數據顯示，自2017年以來，受害者是一個位於美國的老年人，一直在一個錢包中拿著比特幣。

After the theft, the attacker swiftly laundered the Bitcoin using a peel chain method — a common obfuscation technique where large sums are broken into smaller, harder-to-trace chunks.

盜竊後，攻擊者使用果皮鏈方法迅速洗了比特幣，這是一種常見的混淆技術，大筆款項被分解為較小，難以訓練的痕跡塊。

“$330M in BTC was received in two transactions, then immediately distributed via peel chains,” onchain researcher at Hacken Yehor Rudytsia said.

Hacken Yehor Rudytsia的OnChain研究人員說：“ BTC的3.3億美元是通過兩筆交易收到的，然後立即通過Peel鏈分發。”

Over 300 wallets and 20 exchanges involved

超過300個錢包和20個交流

According to internal analysis by Hacken’s Extractor tool, BTC to the value of $284 million was channeled through these chains, which were covered by several layers of peeling and redistribution across low-credibility exchanges.

根據Hacken的提取器工具的內部分析，BTC的價值為2.84億美元，通過這些鏈條進行了傳播，這些鏈被跨低降解性交換所覆蓋了幾層剝離和重新分佈。

The analysis indicates that more than 300 hacker wallets and 20+ exchanges or payment services, including Binance, were involved in the laundering operation.

分析表明，包括二手車在內的300多個黑客錢包和20多個交易所或支付服務都參與了洗滌操作。

Cointelegraph has reached out to Binance for comment.

Cointelegraph已接觸到binance發表評論。

“Major problem in cases like this (similar to Genesis creditor’s 4064 BTC theft back in August 2024) is that freezing centralized exchange accounts used in the laundering process is hardened due to particularly slow legal process of police reporting and investigations,” Rudytsia added.

魯迪斯蒂亞補充說：“在這種情況下，主要問題（類似於創世紀債權人的4064 BTC盜竊於2024年8月）是，由於警察報告和調查的法律速度特別緩慢，在洗錢過程中使用的凍結集中式交易賬戶被加強了。”

Further complicating matters, the attacker converted a significant portion of the BTC into XMR, triggering a 50% surge in Monero’s price, which briefly peaked at $339.

進一步使事情變得更複雜，攻擊者將大部分BTC轉換為XMR，引發了Monero的價格上漲50％，這短暫達到了339美元。

“Once funds are swapped into Monero, tracing becomes virtually impossible due to its privacy-preserving architecture. The chance of recovery drops significantly after this step,” said Cyvers Alerts senior security operations lead Hakan Unal.

“一旦將資金換成Monero，由於其隱私的建築幾乎不可能進行跟踪。在此步驟之後，恢復的機會大大下降。” Cyvers提醒高級安全操作主管Hakan Unal。

Unal added that the attacker, who had pre-established accounts across multiple exchanges and OTC desks, likely planned the attack meticulously.

Unal補充說，攻擊者在多個交易所和OTC辦公桌上已經預先建立了帳戶，可能會精心計劃攻擊。

A small portion of the stolen BTC was also bridged to Ethereum and deposited into various platforms, further complicating tracking efforts. Investigators have since alerted exchanges for potential freezing of funds.

一小部分被盜的BTC也被橋接到以太坊，並沉積在各種平台中，進一步使跟踪工作變得複雜。此後，調查人員警告了交易所潛在的資金凍結。

No familiar laundering tactics

沒有熟悉的洗錢策略

Previously, ZachXBT had dismissed the theory that North Korea’s Lazarus Group could have been behind the attack, suggesting that independent hackers were responsible.

以前，Zachxbt駁斥了朝鮮的拉撒路集團本來可以落後的理論，這表明獨立黑客是負責的。

While attribution remains uncertain, experts agree that the laundering tactics show rare automation and coordination for a heist of this magnitude.

儘管歸屬仍然不確定，但專家們認為，洗滌策略表現出罕見的自動化和協調，以實現這種規模的搶劫案。

“So far, we haven’t been able to confidently link this activity to any known hacker group, as the laundering methods used — while sophisticated — don’t clearly match the signature patterns of previously identified actors,” Unal noted.

Unal指出：“到目前為止，我們還沒有能夠自信地將此活動與任何已知的黑客組聯繫起來，因為所使用的洗錢方法（雖然精緻）不能清楚地匹配先前確定的參與者的簽名模式。”

He recommended using multisignature (multisig) wallets to eliminate single points of failure, minimizing exposure to hot wallets connected to the internet, regularly rotating private keys, and relying on hardware-based cold storage to safeguard large Bitcoin holdings.

他建議使用多符號（Multisig）錢包消除單個失敗點，最大程度地減少接觸到Internet連接的熱錢包，定期旋轉私鑰，並依靠基於硬件的冷藏來保護大型比特幣持有量。

In the first quarter of 2025, hackers stole more than $1.6 billion worth of crypto from exchanges and onchain smart contracts, blockchain security firm PeckShield said in an April report.

區塊鏈安全公司Peckshield在4月份的報告中說，在2025年第一季度，黑客從交易所和OnChain Smart合同中偷走了價值超過16億美元的加密貨幣。

More than 90% of those losses are attributable to a $1.5 billion attack on Bybit, a centralized cryptocurrency exchange, by North Korean hacking outfit Lazarus Group.

這些損失中有90％以上是歸因於北朝鮮黑客攻擊的Lazarus Group對集中式加密貨幣交易所Bybit的15億美元襲擊。