Home
News
Details

Over 500 Dormant Ethereum Wallets Drained in $800K Theft

iconAiCryptoCore
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
ETH
$2,113.62-0.12%
AI summary iconSummary

expand icon
Ethereum news: Over 500 dormant Ethereum wallets were drained in a $800K theft on April 30, 2026. The attacker siphoned funds from idle wallets created four to eight years ago, consolidating 324.741 ETH via THORChain. Etherscan flagged the sending address as Fake_Phishing2831105 after a report by Specter. The incident highlights risks in the Ethereum ecosystem news around legacy key security.

More than 500 dormant Ethereum wallets were drained in a coordinated attack that siphoned roughly $800,000 in ETH, according to a CryptoSlate investigation published on April 30, 2026. The incident targeted wallets that had been inactive for four to eight years, raising urgent questions about legacy key security across the Ethereum ecosystem.

What CryptoSlate reported about the dormant Ethereum wallet drain

CryptoSlate reported that the attacker consolidated funds from hundreds of long-idle wallets into a single address, swapping 324.741 ETH worth $749,079.99 through the THORChain router on April 30 at 15:28:59 UTC. The sending address, 0xA707…FAd7, has been flagged by Etherscan as Fake_Phishing2831105 following a report filed by blockchain investigator Specter.

The tagged address accumulated 596 transactions in total, a figure directionally consistent with CryptoSlate’s estimate that more than 500 unique wallets were affected. Many of the compromised wallets had reportedly sat untouched for four to eight years before funds were swept.

ON-CHAIN DATA

  • Transaction hash: 0xba1b…6aac
  • Amount: 324.741 ETH ($749,079.99 at time of transfer)
  • From: 0xA707…FAd7 (Fake_Phishing2831105) → THORChain Router v4.1.1
  • Timestamp: April 30, 2026, 15:28:59 UTC

Specter wrote on April 30 that older EVM wallets were being drained, with estimated losses exceeding $800,000 across hundreds of victims. The attack appeared to involve key compromise, primarily targeting wallets created four to eight years ago.

Source: @SpecterAnalyst on X

After the ETH was bridged out through THORChain, according to unconfirmed reports, roughly $66,000 remained across the attacker’s EVM wallets. No formal postmortem or official disclosure has confirmed the exact compromise vector.

Theories circulating in security circles include weak entropy in legacy wallet generation tools, seed phrase exposure tied to historical password manager breaches, and other old key leaks. These remain unconfirmed hypotheses rather than established findings.

Why dormant wallet compromises raise broader security concerns

The incident highlights a persistent blind spot in Ethereum security: wallets generated years ago may carry vulnerabilities their owners never revisited. Early wallet tooling sometimes relied on weaker randomness or key derivation methods that have since been deprecated. If private keys were generated with insufficient entropy, those wallets remain exploitable indefinitely.

For holders of older wallets, this event is a concrete reminder to audit key storage practices. Moving funds to a wallet generated with modern tooling, verifying that seed phrases are stored offline, and periodically checking dormant addresses for unauthorized activity are practical steps that could prevent similar losses.

The drain comes at a time when the broader crypto regulatory landscape is shifting rapidly. As U.S. regulators move toward formalizing crypto perpetuals rules, and with stablecoin legislation advancing through Congress, individual wallet security remains an area where users bear sole responsibility. Even as institutional frameworks mature, incidents like this underscore the gap between market enthusiasm and basic operational security.

ETH traded at $2,304.69 at press time, up roughly 1% over 24 hours, suggesting the incident had no measurable impact on broader market pricing. The Crypto Fear and Greed Index sat at 39, reflecting a “Fear” reading that predates this event.

CoinMarketCap price chart for CryptoSlate reports over 500 dormant Ethereum wallets were drained, with losses of about $800,000
CoinMarketCap market snapshot used to anchor the spot-price section for ethereum.

The $800,000 loss, while devastating for individual victims, is a rounding error relative to Ethereum’s $278 billion market cap. That asymmetry does not diminish the severity for those affected, particularly holders who may not even realize their old wallets have been emptied. Dormant does not mean safe, and wallet hygiene requires ongoing attention regardless of how long funds have sat untouched.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.