Elderly US Individual Loses $330 Million in Bitcoin to Social Engineering Hack, Now the Fifth-Largest Crypto Heist

2025/04/30 21:20

Onchain investigator ZachXBT said the attacker used advanced social engineering tactics to gain access to the victim's wallet.

An elderly US individual has reportedly become the victim of a devastating $330 million Bitcoin heist, ranking as the fifth-largest crypto hack in history.

The attacker, who used advanced social engineering tactics to gain access to the victim’s wallet, has been identified by onchain investigator ZachXBT.

The hack, which occurred on April 28, saw the attacker steal 3,520 Bitcoin (BTC), valued at $330.7 million at the time of the theft, and quickly launder the stolen stash using over six instant exchanges to swap it into privacy-focused cryptocurrency Monero (XMR).

Onchain data reveals that the victim, an elderly individual based in the US, had been holding the Bitcoin in a single wallet since 2017.

After the theft, the attacker swiftly laundered the Bitcoin using a peel chain method — a common obfuscation technique where large sums are broken into smaller, harder-to-trace chunks.

“$330M in BTC was received in two transactions, then immediately distributed via peel chains,” onchain researcher at Hacken Yehor Rudytsia said.
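
A minimal tracing heuristic for the peel chains described above, as an added example that is not from the article or from Hacken's tooling. The transaction set, the 10% peel-ratio threshold and all function names are constructed assumptions.

```python
"""Follow a peel chain through a constructed transaction set (values in satoshis)."""

# Constructed sample data: txid -> outpoints spent and output values.
# Each hop "peels" a small output off and forwards the large remainder.
TXS = {
    "t0": {"inputs": [("src", 0)], "outputs": [1_000_000, 99_000_000]},
    "t1": {"inputs": [("t0", 1)], "outputs": [97_500_000, 1_500_000]},
    "t2": {"inputs": [("t1", 0)], "outputs": [2_000_000, 95_500_000]},
    "t3": {"inputs": [("t2", 1)], "outputs": [50_000_000, 45_500_000]},  # even split: not a peel
    "t4": {"inputs": [("t0", 0)], "outputs": [990_000]},                 # a peeled coin moving on
}

def build_spend_index(txs):
    """Map each spent outpoint (txid, vout) to the txid that spends it."""
    return {outpoint: txid for txid, tx in txs.items() for outpoint in tx["inputs"]}

def is_peel(tx, max_peel_ratio):
    """Peel-hop heuristic: one input, two outputs, one much smaller than the other."""
    if len(tx["inputs"]) != 1 or len(tx["outputs"]) != 2:
        return False
    return min(tx["outputs"]) <= max_peel_ratio * sum(tx["outputs"])

def trace_peel_chain(txs, start, max_peel_ratio=0.1, max_hops=1000):
    """Return (hops, end_txid); each hop is (txid, peel_vout, peel_value)."""
    spent_by = build_spend_index(txs)
    hops, txid, seen = [], start, set()
    while txid in txs and txid not in seen and len(hops) < max_hops:
        seen.add(txid)
        tx = txs[txid]
        if not is_peel(tx, max_peel_ratio):
            break  # pattern broke: consolidation, even split, or deposit
        outs = tx["outputs"]
        peel_vout = 0 if outs[0] < outs[1] else 1
        hops.append((txid, peel_vout, outs[peel_vout]))
        txid = spent_by.get((txid, 1 - peel_vout))  # follow the large remainder
    return hops, txid

def summarize(txs, start):
    """Aggregate a trace: hop count, total peeled value, peel outpoints, stop point."""
    hops, end = trace_peel_chain(txs, start)
    return {"hops": len(hops), "peeled": sum(h[2] for h in hops),
            "peel_outpoints": [(h[0], h[1]) for h in hops], "chain_ends_at": end}

if __name__ == "__main__":
    print(summarize(TXS, "t0"))
```

The peel outpoints are the leads an investigator would follow toward exchange deposits; the transaction where the pattern breaks is where the remainder needs a different heuristic.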

Over 300 wallets and 20 exchanges involved

According to internal analysis by Hacken’s Extractor tool, BTC to the value of $284 million was channeled through these chains, which were covered by several layers of peeling and redistribution across low-credibility exchanges.

The analysis indicates that more than 300 hacker wallets and 20+ exchanges or payment services, including Binance, were involved in the laundering operation.

Cointelegraph has reached out to Binance for comment.

“Major problem in cases like this (similar to Genesis creditor’s 4064 BTC theft back in August 2024) is that freezing centralized exchange accounts used in the laundering process is hardened due to particularly slow legal process of police reporting and investigations,” Rudytsia added.

Further complicating matters, the attacker converted a significant portion of the BTC into XMR, triggering a 50% surge in Monero’s price, which briefly peaked at $339.

“Once funds are swapped into Monero, tracing becomes virtually impossible due to its privacy-preserving architecture. The chance of recovery drops significantly after this step,” said Cyvers Alerts senior security operations lead Hakan Unal.

Unal added that the attacker, who had pre-established accounts across multiple exchanges and OTC desks, likely planned the attack meticulously.

A small portion of the stolen BTC was also bridged to Ethereum and deposited into various platforms, further complicating tracking efforts. Investigators have since alerted exchanges for potential freezing of funds.

No familiar laundering tactics

Previously, ZachXBT had dismissed the theory that North Korea’s Lazarus Group could have been behind the attack, suggesting that independent hackers were responsible.

While attribution remains uncertain, experts agree that the laundering tactics show rare automation and coordination for a heist of this magnitude.

“So far, we haven’t been able to confidently link this activity to any known hacker group, as the laundering methods used — while sophisticated — don’t clearly match the signature patterns of previously identified actors,” Unal noted.

He recommended using multisignature (multisig) wallets to eliminate single points of failure, minimizing exposure to hot wallets connected to the internet, regularly rotating private keys, and relying on hardware-based cold storage to safeguard large Bitcoin holdings.

In the first quarter of 2025, hackers stole more than $1.6 billion worth of crypto from exchanges and onchain smart contracts, blockchain security firm PeckShield said in an April report.

More than 90% of those losses are attributable to a $1.5 billion attack on Bybit, a centralized cryptocurrency exchange, by North Korean hacking outfit Lazarus Group.
