On April 27, 2025, at 22:30 UTC, a wallet holding 3,520 Bitcoin, was drained in a transfer to bc1qcrypchnrdx87jnal5e5m849fw460t4gk7vz55g. On-chain investigator ZachXBT flagged the theft on X nine hours later, revealing a sophisticated Monero laundering operation that saw the funds swapped into the privacy coin via over six instant exchanges, spiking XMR’s price 50% on April 28, from $230 to $339.
The wallet belonged to a longtime Bitcoin holder, likely a retail investor on platforms like Gemini or Coinbase, ZachXBT noted. Its history showed years of accumulation, a ‘Bitcoin OG’.
Sleuths pointed to social engineering: the victim was likely tricked into sharing keys via a fake support call, a tactic on the rise. Groups like “Elusive Comet” use Zoom exploits, similar to the Lazarus Group, who were linked to the $1.5 billion Bybit heist in February 2025.
Laundering Method
The attacker fragmented the 3,520 BTC, routing it through instant exchanges, likely those known for lax KYC, though none were confirmed. The Monero laundering process incurred 1-3% fees per atomic swap, likely costing millions.
Monero’s ring signatures and stealth addresses ensured untraceability, a feature driving its use in Monero laundering schemes, leading exchanges like Kraken to delist it since 2024. ZachXBT noted the inefficiency, hundreds of orders, millions in fees, marked this as theft, not legitimate trading.
Monero’s market reacted sharply. With a circulating supply of 18.4 million coins and daily volume around $150 million, the $330 million Monero laundering influx drove XMR’s price up 50%, settling at $289. Monero’s privacy appeal grows: on April 25, two Spar supermarkets in Switzerland began accepting XMR via DFX Swiss, showing retail potential.
The theft exposes crypto’s vulnerabilities. Instant exchanges, a weak link in Monero laundering operations, have facilitated $100 billion in illicit flows since 2019, per Chainalysis. Regulators, wary of privacy coins, may tighten scrutiny, the EU recently warned of crypto’s risks to financial stability. For the victim, the loss is stark: $330 million, likely a lifetime’s investment. Social engineering bypasses robust security, proving the human element is crypto’s Achilles’ heel. As ZachXBT noted, no custody solution stops a well-placed lie. In a trustless tech market, trust remains the hardest thing to secure.