On-chain Detective Reveals: Bitcoin Users Suffered $91 Million Loss from Social Engineering Attack

On August 20, a Bitcoin (BTC) user lost up to $91 million (about 783 BTC) in a carefully designed social engineering attack in a single transaction. On-chain investigator ZachXBT pointed out that the attacker subsequently transferred the stolen funds to the privacy-focused Wasabi Wallet in an attempt to obscure the flow of funds. This incident highlights once again that social engineering scams in the Crypto Assets space have become a black market industry worth billions of dollars.

Single transaction loss of 783 BTC, funds flowing into privacy wallet

(Source: ZachXBT)

According to on-chain data released by ZachXBT, the theft occurred at 11:06 AM UTC on August 20. The victim was tricked by fraudsters impersonating cryptocurrency exchange and hardware wallet support personnel into revealing private information, resulting in the one-time transfer of 783 BTC from the cold wallet.

Just one day later, the attacker began to launder funds through the mixing function of Wasabi Wallet, hiding the source of funds through multiple transaction paths, increasing the difficulty of tracking.

Attack Method: Fake Support Staff + Emergency Security Update

The core of social engineering attacks lies in psychological manipulation. The fraudsters impersonate the official support of well-known hardware wallet brands like Ledger and Trezor, claiming that the user's device requires a "critical security update"; otherwise, they will lose access to their funds.

In this case, the victim was directed to a counterfeit website and entered the wallet's secret recovery phrase (Seed Phrase), giving the attacker full control. ZachXBT recommends that users treat all incoming calls and emails as "default scams" and verify through official channels.

is not a North Korean hacker, but the pattern is similar to large-scale attacks

Although ZachXBT ruled out the involvement of North Korea's Lazarus Group, the scale of this incident is similar to past major Crypto Assets theft cases.

In April 2025, an elderly American lost over 330 million USD in BTC due to a similar social engineering attack; in February of the same year, a crypto exchange was hacked, resulting in losses of up to 1.4 billion USD.

According to data from the blockchain security company CertiK, various attacks in the Crypto Assets sector have caused losses exceeding $2.1 billion in the first five months of 2025, with wallet hacks and phishing attacks accounting for the majority.

Prevention Advice: Never Leak Your Seed Phrase

Experts remind us that the key to preventing social engineering attacks is:

1. Seed phrases and private keys must never be leaked; anyone asking for them is a scammer.

2. Refuse to click on unfamiliar links, especially those related to asset security.

3. Multi-factor authentication, official support will not actively call to request asset transfers.

4. Use cold wallets and multi-signatures to reduce the risk of a single point of failure.

Conclusion

The $91 million Bitcoin theft case once again proves that even experienced users can fall victim to meticulously designed social engineering attacks. As the scale of the crypto market expands, fraudulent methods will continue to evolve. Investors must remain vigilant and establish strict security habits to remain undefeated in this prolonged battle of digital assets. For more reports on crypto security and on-chain tracking, please follow the official Gate platform.