Retiree loses over $3 million worth of XRP in suspected wallet compromise

Key Takeaways

• A North Carolina resident lost $3 million in XRP due to a hack of his Ellipal hardware wallet.
• Stolen XRP was dispersed across hundreds of wallets to obscure the trail, highlighting self-custody risks.

Share this article

A retired man claims he lost his entire crypto savings after his Ellipal cold wallet was hacked and drained of 1.2 million XRP this month. The stash would be valued at over $3 million at current prices.

“I’ve been in crypto since 2017,” said the victim, Brandon LaRoque, in a YouTube video posted Thursday describing how his life savings vanished overnight. “I’ve been accumulating XRP for the past eight years. I’ve accumulated over 1.2 million XRP, which is worth over three million dollars now.”

The 54-year-old retiree said the breach occurred on a Sunday morning, later identified as Oct. 12 by blockchain sleuth ZachXBT. He didn’t realize what had happened until Oct. 16, when he checked his wallet and found that his XRP balance had been emptied.

The unauthorized transactions began with two small transfers of 10 XRP each, followed by a large transfer of about 1.29 million XRP to a newly created wallet, according to Brandon.

“They sent it to one wallet that had just been created a few minutes earlier, and then they turned around and sent that 1,290,000; they sent it out to about 30 different wallets,” he said.

The stolen funds were then distributed across hundreds of wallets in a suspected mixing technique to obscure the transaction trail.

“I guess it’s somewhere between 500 and 900 wallets,” Brandon explained.

Brandon has filed a report with IC3 (Internet Crime Complaint Center) and contacted local law enforcement, though local authorities indicated they lack expertise in crypto-related crimes.

“We were planning on moving out to Las Vegas and buying a house. She was actually supposed to go look at one next week,” Brandon said, referring to plans with his wife, who is nearly 60 years old. “It was our whole retirement for my wife and I, and I don’t know what we’re gonna do. I guess we’re gonna go back to work.”

Blockchain analyst links XRP theft to Southeast Asia’s laundering ring

Blockchain investigator ZachXBT identified the victim’s address and found that the attacker used Bridgers to create over 120 Ripple-to-Tron bridge transactions. The stolen XRP tokens were consolidated and laundered by Oct. 15 through OTCs tied to Huione, an illicit marketplace in Southeast Asia recently sanctioned by the US.

ZachXBT stated that the victim likely confused an Ellipal hot wallet with its cold storage product and added that recovery prospects are “low,” warning that “over 95% of recovery companies are predatory.”

In a statement after the incident surfaced, Ellipal said it has been “in direct contact with the user” and is “doing everything possible to assist.”

The company’s investigation found that the loss occurred because the cold wallet’s seed phrase was imported into the Ellipal app, effectively converting it into a hot wallet.