, with stolen funds moved into Wasabi.){kind=link}
On-chain investigator Zach reported that a single victim lost 783 BTC, about $91M, after falling for a social engineering scam that impersonated both exchange and hardware wallet customer support.
The attacker moved the stolen coins off the wallet and began routing deposits into Wasabi, a cryptocurrency mixer.
The incident happened on the first anniversary of a separate $243M theft that targeted Genesis creditors.
Zach flagged the pattern on X(Twitter), and investigators watching the chain later tracked the early movements of the funds.
How did the theft unfold?
Zach said the scam began with targeted social engineering, where the attacker posed as official support staff. The victim was persuaded to reveal access details or to approve transfers.
After gaining control, the actor emptied the account and started breaking up the haul. Some of the funds were sent to Wasabi, a service that can make tracing funds harder. The speed and method suggest a planned and practised operation rather than a random theft.
A commenter on Zach’s post expressed alarm about the safety of crypto assets after seeing the loss. They asked how such a thing could happen and said that sometimes cash feels safer.
Zach answered that the problem is that a lot of personal data is floating online from past breaches. That spread of data makes it easier for criminals to craft convincing lies and to impersonate trusted services.
Also Read: Coinbase Data Breach Hacker Mocks ZachXBT After Major $42.5M Swap
What this means?
This case shows how fragile security can be when human trust is the weak link. Wallets and exchanges can have strong technical protections. But if someone can trick a user into giving up access, those protections do not help.
The theft is a reminder that public and leaked data can feed scams. People who hold digital assets face risk not only from bugs or hacks but also from social tactics that target real people. For the wider market, large single losses can shake confidence and push users to rethink custody and verification steps.
Moving money into privacy-focused services makes recovery difficult, and that is why quick detection and reporting are crucial. On-chain sleuthing can show where money went, but it does not always lead to recovery.
Law enforcement and exchanges may need clear evidence and fast action to freeze or reclaim funds.
Zach on the new $YZY token
Zach also said he will not spend time reviewing trading tied to the new $YZY token that launched on Solana. He said there is little incentive to dig into cases where insiders may have profited and where the work would not change outcomes.
In short, he chose to focus on cases where tracking leads to clear paths for action, rather than on token trades that may involve private gains by people close to a project.
Complex market activity and insider deals can be hard to prove or to act on. Zach’s choice reflects a practical view of where his efforts can have the most impact.
Also Read: Crypto Investigator ZachXBT Helps Freeze $5M After Central Bank of Brazil’s $140M Hack