- Blockchain analytics firm Hacken found a pre-existing XRP wallet linked to Ripple co-founder Chris Larsen’s personal accounts, predating a $112.5 million hack.
- The hacker targeted Ripple co-founder Chris Larsen’s personal wallets on January 31.
- Hacken analysts reveal that the hacker behind the $112.5 million XRP theft split the stolen funds across eight wallet accounts, with significant transfers occurring afterward.
Blockchain analytics platform Hacken has reported the discovery of a pre-existing XRP wallet connected to the personal accounts of Ripple chairman and co-founder Chris Larsen, predating the recent $112.5 million hack.
Incident overview
As per a study published on February 7 by the blockchain analytics platform Hacken, the hacker who targeted the personal wallets of Ripple co-founder and chairman Chris Larsen for $112.5 million in XRP on January 31 also gained access to a wallet account that Ripple might have had control over.
On January 31, Larsen announced the loss of 213 million XRP, equivalent to $112.5 million, due to the hijacking of some of his personal wallets. The following day, Binance CEO Richard Teng disclosed that his exchange had frozen $4.2 million in XRP stolen during the same incident.
Also read: Hackers never seem to be satisfied with cryptocurrency theft!
Hacken’s investigation
According to analysts at Hacken, the stolen funds were purportedly divided among eight distinct wallet accounts by the attacker. Following this, funds from six of these wallets were transferred to an intermediary wallet with the address prefix “rHyqB.” Subsequently, this intermediary wallet sent $70.9 million worth of XRP to another address beginning with “ro4ha.”
Also read: Orange Spain RIPE NCC account is hacked, questions asked of account security
Hacken emphasised that it was “[too] early for conclusions,” refraining from implicating a Ripple employee in the hack. However, the company asserted that the attack predominantly involved “two wallets connected to XRP’s authorized wallet.”