U.S. crypto holder loses $3 million in XRP after wallet compromise
U.S. crypto holder loses $3 million in XRP after wallet compromise 
Cryptocurrency Oct 20, 2025 Share
A U.S. retail cryptocurrency investor has lost over $3 million worth of XRP after accidentally exposing their funds through a crypto wallet mistake, with on-chain blockchain sleuth ZachXBT tracing the stolen coins to a laundering network tied to Southeast Asia.
ZachXBT reported on October 19 that around 1.2 million XRP ($3.05M) was drained from an Ellipal wallet belonging to the victim. The funds were quickly moved across blockchains more than 120 times using a swap service called Bridgers (formerly SWFT), which relies on Binance liquidity.
6/ One lesson our industry needs to do better with is not causing confusion with products when you offer both custodial and non-custodial products.
The XRP victim thought they were using the Ellipal cold wallet product when it was a hot wallet.
Frequently I see large Coinbase… pic.twitter.com/JZpkxOoOht
— ZachXBT (@zachxbt) October 19, 2025
By October 15, the assets were consolidated on the Tron network and laundered through over-the-counter (OTC) brokers linked to Huione, a Cambodian financial group recently sanctioned by the U.S. Treasury for facilitating scam and trafficking money flows.
“The victim thought they were using an Ellipal cold wallet, but had actually imported their recovery phrase into a hot wallet, which exposed the funds online,” ZachXBT explained.
Ellipal later confirmed this mix-up, stressing that its offline cold wallets remain secure.
The case highlights how user error, rather than a technical exploit, often leads to multimillion-dollar cryptocurrency thefts. ZachXBT added that recovery is nearly impossible once funds are pushed into sanctioned OTC networks, and warned against predatory “crypto recovery” firms that charge victims large sums with little chance of success.
