Jonathan Gray
A bitcoiner has fallen victim to one of the largest individual bitcoin thefts ever, losing 783 BTC — worth more than $90 million — in one transaction.
The theft was revealed by blockchain investigator ZachXBT, who described it as a “social engineering attack,” where scammers posed as support staff from a digital asset exchange and a hardware wallet provider.
According to blockchain data, the incident occurred on August 19, 2025, at 11:06 a.m. UTC.
The scammers reportedly convinced the victim they were support agents. By impersonating trusted companies, they were able to get the investor to share wallet information. Within minutes, they drained the wallet of 783 bitcoin.
ZachXBT reported the hacker posed as customer support reps from both a digital asset exchange and a hardware wallet company to steal the victim’s funds.
This is a social engineering attack — where criminals manipulate or deceive individuals into revealing confidential information. Unlike hacks that exploit software weaknesses, these attacks exploit human trust.
A day after the theft, the attacker started trying to launder the stolen bitcoin through Wasabi Wallet, a privacy-focused tool that uses the CoinJoin technique to mix transactions.
This makes it hard to trace where the money goes as stolen coins are mixed with legitimate ones from other users.
Analysts say this is common among cybercriminals. Then, by moving small amounts at a time, criminals test if exchanges will flag or block the funds before attempting larger transfers.
Notably, ZachXBT reported that the stolen bitcoin was first sent to a “clean” wallet address. Experts believe this was planned to avoid raising immediate suspicion.
While the attacker is unknown, ZachXBT ruled out North Korea’s Lazarus Group, which has been behind some of the largest digital asset heists in history. Instead, the theft is thought to be the work of individual scammers skilled in impersonation and fraud.
Interestingly, the theft occurred exactly one year after the $243 million Genesis creditor hack in August 2024, which was a social engineering scam too. Some have speculated the timing was intentional, but there is no evidence linking the two.
This is a scary trend: social engineering scams are getting more and more common in the digital asset space.
In the past few years, scammers have impersonated hardware wallet companies like Ledger and Trezor, even sending out fake emails and physical letters to users to share their secret recovery phrases under the guise of a “critical security update”.
Related: Ledger Leak Victims Hit by Physical Mail Scam
Victims range from seasoned investors to elderly individuals. In a similar scam earlier this year, an American lost over $330 million in bitcoin.
ZachXBT said users need to be vigilant with these scams. Responding to a comment about how to guard against such attacks, ZachXBT said:
“By assuming every call or email you receive is a scam by default.”
