The owner of the cryptocurrency claimed that the attackers stole about $24 million in crypto loot after a massive attack, and now blockchain security analysts are tracking the movement of funds on the chain.
Conclusion
- A crypto user named “Silly Tuna” claims that the attackers used violence and intimidation to steal around $24 million worth of digital assets.
- Blockchain security firm PeckShield said the funds were spent in an address poisoning attack and partially transferred to staged wallets.
- According to reports, about $20 million in DAI is located in two wallets, while small portions have already been transferred to Arbitrum.
$24 million crypto heist linked to poisoning
In a series of posts on X, a user who went by the name “Silly Tuna” claimed that the robbery took place during a physical attack involving a weapon and threats of kidnapping and sexual assault. The user said police had been contacted and described the incident as a “violent attack and robbery,” adding that the attackers targeted their crypto assets.
“They still have arms and legs, oops,” the user wrote, claiming that they were held while the attackers threatened them with an ax and forced them to transfer money.
The victim said the stolen assets were transferred to an Ethereum wallet starting at 0x6fe0…0322 and offered a 10% reward for all recovered funds. The user also invited blockchain investigators to help track transactions.
Blockchain security firm PeckShield later reported that an address associated with the victim had been drained of nearly $24 million worth of aEthUSDC, describing the incident as an address poisoning attack.
According to the company, approximately $20 million of DAI associated with the exploit currently resides in two demo wallets controlled by the attackers, each holding approximately $10 million. These wallets haven’t been mixed yet, so the funds are now being tracked.
PeckShield also said that the attacker had begun transferring small amounts of stolen assets to the Arbitrum-2 network, a move often used by attackers to break or hide transaction trails.
The incident highlights the growing risk of physical attacks on cryptocurrency holders, sometimes referred to as “key attacks,” in which criminals use coercion or violence to force victims to hand over private keys or perform transfers.
It was not clear whether any of the stolen funds had been recovered at press time.
