Rare EVM Security Breach Raises Alarm on Ethereum

Blockchain researchers have found a rare and serious security problem affecting Ethereum Virtual Machine (EVM) chains. The finding has raised strong concerns across the crypto community.

Investigators confirmed that the attack was coordinated and had already stolen funds from thousands of users.

ZachXBT Uncovers Multi-Chain Crypto Attack Across EVM Chains

In a recent X post, crypto investigator ZachXBT shared proof of a well-planned attack that targeted several Ethereum-based networks. The attack has already caused losses of more than $107,000.

Ethereum accounts for the largest loss, with about $54,600 taken. The BNB Chain follows with around $25,500. Other losses were recorded on Base network, Arbitrum, Polygon, Optimism, Zora, Linea, and Avalanche.

Mysteriously, investigators have not found any phishing messages, harmful smart contracts, or clear user mistakes that explain how the wallets were breached. 

This lack of answers has raised fear among developers, traders, and regular users. Experts warned that more affected cases may still appear.

Possible Connection to the Trust Wallet Extension Hack

This wide distribution highlights how interconnected EVM-compatible networks have become, and how vulnerabilities can spread rapidly across ecosystems.

Researchers have identified a possible link between at least one attacker address and the recent Trust Wallet browser extension breach. 

The incident happened after attackers inserted malicious code into version 2.68 of the extension during an update released over the Christmas holidays. Earlier reports estimate that the compromised extension caused losses of roughly $7 million. 

Trust Wallet CEO Eowyn Chen confirmed that the affected version was removed from the Chrome Web Store after an issue emerged during its update. The latest release includes improved tools to help users verify wallet ownership and claim refunds.

Crypto Attacks Surge as Losses Mount in December

This EVM incident comes during a very difficult time for crypto security. Blockchain security firm PeckShield reported around 26 major attacks in December, with total losses close to $76 million.

One of the biggest attacks involved address poisoning. In this method, scammers used wallet addresses that looked very similar to real ones. This trick caused users to send funds to the wrong address, leading to losses of about $50 million.

Another major attack happened after a private key from a multi-signature wallet was leaked. This breach alone caused losses of more than $27 million. The US government has repeatedly warned about increased online fraud during holiday periods. 

Officials note that Americans lose hundreds of millions of dollars to scams each year. Crypto markets have become a major target within this broader trend.

Blockchain analytics firms estimate that crypto-related theft reached $2.7 billion over the past year. The $1.4 billion Bybit theft alone surpassed historic hacks such as Ronin and Poly Network. A large share of these losses is linked to state-backed hacking groups called Lazarus group.