KEY POINTS
- A crypto security researcher said the stolen XRP were "laundered" across different platforms
- Ripple's Ngo said the exchange network "was not impacted"
- The hack is the largest crypto theft so far in 2024
Around $213 million worth of Ripple-focused cryptocurrency XRP was stolen Tuesday from a crypto wallet whose ownership is at question.
Crypto security researcher ZachXBT first broke the news Wednesday on X (formerly Twitter), saying the stolen crypto millions "have been laundered" across different crypto platforms and exchanges, including Binance, Kraken and OKX.
It appears @Ripple was hacked for ~213M XRP ($112.5M)
— ZachXBT (@zachxbt) January 31, 2024
Source address
rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm
So far the stolen funds have been laundered through MEXC, Gate, Binance, Kraken, OKX, HTX, HitBTC, etc pic.twitter.com/HKGYsLQeMv
Kraken spokesperson Megan Thorpe told TechCrunch in an email that the trading platform was "aware of the incident" and the platform has an "incident response capability" to prevent it "from being used this way."
Simon Matthews, Binance's spokesperson, told the outlet that it was "actively" supporting the investigation into the incident.
Ripple's spokesperson Stacey Ngo referred the outlet to Larsen's post and said "Ripple was not impacted," when reached for a comment.
Less than an hour after ZachXBT said Ripple may have been "hacked," Ripple CEO Chris Larsen reposted ZachXBT's post, saying "there was unauthorized access to a few of my personal XRP accounts (not Ripple)" on Tuesday. He said the problem has been detected and exchanges were notified promptly "to freeze the affected addresses." He also said law enforcement is now looking into the incident.
Yesterday, there was unauthorized access to a few of my personal XRP accounts (not @Ripple) – we were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved. https://t.co/T3HtKSlzLg
— Chris Larsen (@chrislarsensf) January 31, 2024
Questions have since emerged about the true ownership and control of the hacked wallet. Data from XRPScan revealed that the crypto wallet was called "Ripple (50)."
In January 2013, the account "~chrislarsen" was created. About a month later, on Feb. 6, 2013, the said account activated another wallet, "~FundingWallet1," which then activated "Ripple (50)" on Nov. 5, 2018.
Following the hack, some XRP owners are now calling on co-founders to reveal their crypto wallets and information on their XRP holdings. Larsen has since clarified that the hack was "an isolated incident."
This is an isolated incident, and Ripple wallets are secure / were never compromised. We’ve confirmed nearly all the affected funds were converted out of XRP.
— Chris Larsen (@chrislarsensf) January 31, 2024
We’re working with law enforcement and have been advised that a significant portion of funds have been frozen, and are…
He said Ripple wallets remain secure and "were never compromised." He said the payment protocol and exchange network has confirmed that "nearly all the affected funds were converted out of XRP."
News of the hack came hours after Navin Gupta, Ripple's managing director of South Asia, Middle East and North Africa (MENA), announced he was leaving the company after seven years.
After ~7 years at @Ripple, it's time to say goodbye and embark on a new adventure. Grateful to work with Ripplers in building the Internet of Value. A big thank you to @chrislarsenSF for your vision, and @bgarlinghouse + @monicalongSF for leading us.
— Navin Gupta (@navinblockchain) January 31, 2024
Ripple has yet to provide an update about Gupta's successor, raising concerns about the network's future in the areas that Gupta was previously overseeing. Larsen and other Ripple executives have not yet made official statements about Gupta's exit.
