Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / Cryptopolitan /
Crypto’s $27.3M Multisig Nightmare: Hacker Begins Massive Fund Liquidation

Crypto’s $27.3M Multisig Nightmare: Hacker Begins Massive Fund Liquidation

Author:
Cryptopolitan
Published:
2026-01-06 20:35:01
7
2

The hacker behind the $27.3 million multisig wallet breach has begun liquidating funds

The digital vault was supposed to be impenetrable. Multiple keys, layered security—the works. Yet here we are, watching $27.3 million in crypto assets begin their chaotic exit stage left. The hacker behind one of the year's most audacious breaches has flipped the 'sell' switch.

How the Walls Came Down

Forget fancy zero-days or quantum hacks. This was a story of access, plain and simple. The multisig setup—a system requiring several independent approvals for any transaction—got played. The method? Still murky, but the result is crystal clear: total control transferred to a single, malicious entity. The funds, once locked behind a fortress of cryptographic promises, are now on the move.

The Great Unraveling

Liquidation has commenced. Watch the blockchain explorers light up with a trail of transactions no one authorized. Tokens are being swapped, bridged, and funneled through mixers in a frantic dance of obfuscation. Each move is a race against time—the project's team scrambling to freeze what they can, the hacker racing to convert digital code into untouchable value. It's a high-stakes game of whack-a-mole played on a global, immutable ledger.

A Brutal Reminder for Bullish Times

This isn't just another hack. It's a direct strike at a core tenet of decentralized finance: trustless security. If a $27.3 million multisig can fail, what's truly safe? It pours cold water on the 'set it and forget it' mentality, reminding every whale and protocol that clever code is only as strong as its weakest point of execution—often, tragically, the humans who set it up.

So while the charts might scream ATH and the narrative is all hyper-financialization, remember this: the infrastructure is still being built, often with duct tape and hope. And sometimes, that duct tape gets cut. The market will absorb this shock and move on, of course—volatility is just a tax for the impatient, after all. But for the team staring at an empty vault, that's a multi-million dollar lesson in the fine print they never wanted to read.

Pig-butchering scam emerges in money trail

Another incident involving laundering and the use of Tornado Cash has caught the eye of on-chain monitors.

On-chain analyst Specter notified the public on X, stating, “A wallet bridged $7M to ethereum from multiple wallets on the TRON blockchain. Tracing the funds suggests they originate from a crypto investment pig-butchering scam.”

PeckShield also corroborated the story with on-chain data, uncovering a laundering operation that is related to pig butchering.

PeckShield analysis indicated that one address alone had processed 2,479.1 ETH worth $7.9 million through Tornado Cash, with funds traced back to multiple TRON wallets before being bridged to Ethereum.

The attacker’s methodical approach involves depositing funds in 100 ETH batches into Tornado Cash, which severs the blockchain links between deposits and withdrawals, making recovery efforts more difficult.

Another incident highlighted by PeckShield the same day was the one where a “UXLink exploiter labeled address has swapped 248 $WBTC for 23M $DAI within the last hour.”

The on-chain security firm added that “This follows the Sept. 22 hack, where the attacker minted billions of unauthorized tokens and drained tens of millions in crypto assets.”

Crypto industry grapples with losses

The December theft forms part of an increasing pattern of crypto breaches that saw over $117.8 million lost to exploits, according to industry data. In November 2025, around $127 million was lost, with about $45 million frozen or recovered from that loot, according to data from cybersecurity firm Certik.

December saw several significant incidents, including a $50 million address poisoning attack and the exploit of Trust Wallet’s browser extension that saw losses run up to over $8.5 million.

A recent Chainalysis report pointed out that the top ten cryptocurrency hacks of 2025 resulted in a combined loss that exceeded $2.2 billion of the $3.4 billion that was stolen in the crypto industry. The report came out before the Trust Wallet exploit later in December.

The December breach ranks among the year’s most significant private key compromises, a category of attack that security experts consider devastating due to the complete control it grants perpetrators.

Phishing and wallet compromises ranked first and second by category in terms of the amount lost to breaches in December. Despite ongoing monitoring by blockchain security firms, no recovery efforts have been announced.

The attacker’s leveraged position on AAVE presents more challenges to an already complicated issue, as liquidation of the collateral could trigger market movements. However, it will also provide opportunities for tracking if the perpetrator attempts to extract value.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.