News 
Coin Information 
About us 
Customer Service 
A 54-year-old American retiree named Brandon recently reported the loss of more than $3 million in XRP from his Ellipal wallet, triggering a major on-chain investigation by crypto analyst ZackXBT. The theft, discovered on October 15, 2025, left Brandon and his wife devastated as the stolen funds represented nearly all their retirement savings, which they had planned to use to buy a home in Las Vegas.
According to Brandon’s account, he noticed his XRP balance missing after checking the Ellipal mobile app. Transaction data revealed two small test withdrawals followed by a massive transfer of approximately 1.2 million XRP to a new address. Within hours, the assets were split across dozens of wallets, leaving only minor amounts of XLM and FLR untouched.
Ellipal responded publicly on October 18, explaining that its investigation showed the user had imported the hardware wallet’s seed phrase into the Ellipal mobile app—turning what was meant to be a secure cold wallet into a vulnerable hot wallet. The company emphasized that Ellipal hardware devices remain fully air-gapped, suggesting that user error, not device compromise, caused the breach.
ZackXBT’s analysis traced the stolen XRP through more than 120 Ripple-to-Tron swaps on the Bridgers (formerly SWFT) platform. The attacker ultimately funneled the assets into wallets linked to OTC brokers connected to Huione, a marketplace in Southeast Asia previously flagged by U.S. authorities.
Experts warn that recovering such funds is extremely difficult once assets pass through cross-chain swaps and OTC channels. ZackXBT cautioned victims to avoid fraudulent “crypto recovery” firms and instead act quickly by reporting incidents to verified investigators and compliant exchanges.
The key takeaway for crypto holders is clear: never enter a hardware wallet’s seed phrase into an online or mobile app. Keeping cold storage truly offline remains essential for safeguarding digital assets.
Comment 0