Independent blockchain detective ZachXBT reported that a large amount of crypto assets was stolen around 11 p.m. (UTC) on January 10. A victim lost more than $282 million worth of Litecoin (LTC) and Bitcoin (BTC) due to a suspected social engineering scam related to a hardware wallet. 
According to on-chain information compiled by the investigator, after stealing the assets, the attackers began converting large amounts of LTC and BTC into Monero (XMR) through multiple "instant exchange" services, causing the price of XMR to rise significantly in a short period of time.
Meanwhile, some Bitcoins were also transferred to Ethereum, Ripple, and Litecoin networks via Thorchain, increasing the difficulty of tracking them.
The stolen addresses exposed in this incident include approximately 2.05 million LTC and 1,459 BTC, which are labeled as follows:
BTC: bc1qluxw46r55wf3dnk9c652vrt4duadm3hpuktf86
BTC: bc1qpsmh26ja0fzzf286zulmt9eywujc2pggj40wzm
LTC: ltc1qly43c2prj4c2e85dcspzpjd36jnapnenldnr70
This incident demonstrates that even when using self-custodial tools such as hardware wallets, which are considered relatively secure, large sums of money can still be transferred or laundered in a short period of time if the identity verification, private key custody, or customer support processes are subjected to sophisticated social engineering attacks. Furthermore, privacy coins and cross-chain mechanisms can further enhance anonymity.
For professional and institutional investors, simply relying on "cold wallets" is no longer enough. How to design stricter human processes and access controls will be one of the focal points of subsequent discussions on this type of event.
