Important points
- A North Carolina resident lost $3 million in XRP due to a hack of his Ellipal hardware wallet.
- The stolen XRP was spread across hundreds of wallets to obscure its traces, highlighting the risks of self-custody.
A retired man claims his Elipal cold wallet was hacked this month and 1.2 million XRP was siphoned off, causing him to lose all his crypto savings. This stash would be worth more than $3 million at current prices.
“I’ve been dabbling in cryptocurrencies since 2017,” victim Brandon Larocque said in a YouTube video posted Thursday, explaining how his savings disappeared overnight. “I have been accumulating XRP for the past 8 years. I have accumulated over 1.2 million XRP, which is currently worth over $3 million.”
The 54-year-old retiree said the breach occurred on Sunday morning and was later identified as October 12 by blockchain detective ZachXBT. He didn’t realize what had happened until October 16 when he checked his wallet and found his XRP balance empty.
According to Brandon, the fraudulent transactions started with two small transfers of 10 XRP each, followed by a larger transfer of approximately 1.29 million XRP to a newly created wallet.
“They sent it to one wallet that had just been created a few minutes ago, and then they turned around and sent that 1,290,000. They sent it to about 30 different wallets,” he said.
The stolen funds were then distributed across hundreds of wallets in what appears to be a mixed method to hide the traces of the transactions.
“I think the number of wallets is between 500 and 900,” Brandon explained.
Brandon filed a report with IC3 (Internet Crime Complaint Center) and contacted local law enforcement, who suggested they lacked expertise regarding crypto-related crimes.
“We were planning on moving to Las Vegas and buying a house, and she was actually going to look at a house next week,” Brandon said of his plans with his wife of nearly 60 years. “For my wife and I, this was the perfect day of retirement. We don’t know what’s going to happen. I think we’re going to go back to work.”
Blockchain analyst links XRP theft to Southeast Asian laundering ring
Blockchain researcher ZachXBT identified the victim’s address and discovered that the attacker used Bridgers to create over 120 Ripple-to-Tron bridge transactions. The stolen XRP tokens were consolidated and laundered by October 15th through an OTC linked to Huione, an illegal market in Southeast Asia that was recently sanctioned by the US.
1/ This week, a video of a US-based victim losing $3.05 million (1.2 million XRP) from his Ellipal wallet went viral on YT.
Here are the top points about tracking where stolen funds go and similar thefts. pic.twitter.com/Gyw0OWjts4
— ZachXBT (@zachxbt) October 19, 2025
ZachXBT said victims likely confused Elipal’s hot wallet with the company’s cold storage products, adding that the prospects for recovery are “low” and warning that “more than 95% of recovery companies are predatory.”
In a statement after the incident was discovered, Elipal said it was “in direct contact with our users” and “doing everything we can to assist them.”
We have been in direct contact with our users and have done everything we can to assist them.
After investigation, we confirmed that the cold wallet seed phrase was imported into the app and turned into a hot wallet, resulting in the loss.
ELLIPAL’s cold wallet still exists…— Elipal (@ellipalwallet) October 19, 2025
The company’s investigation found that the losses occurred because the cold wallet’s seed phrase was imported into the Elipal app, effectively converting it into a hot wallet.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
