A cryptocurrency investor, known as a crypto whale (someone who owns a huge amount of cryptocurrency and can affect the market with their transactions), recently suffered a major loss. They lost around $38 million due to an attacker gaining control of their special type of wallet called a multisig wallet. This wallet was supposed to provide extra security.
Multisig Wallet Hack: What Happened?
A multisig wallet (short for multi-signature wallet) is like a secure safe for keeping cryptocurrency. Normally, it requires more than one person or key to approve a transaction, making it harder to steal funds. However, this time the whale set up the wallet in a dangerous way. It required only one signature to authorize actions, which defeated the purpose of having extra security.
Blockchain security company PeckShield shared on December 18 that the whale’s wallet was hacked because the key to access it was exposed. At first, it seemed like the hacker stole $27.3 million, but later tracking revealed that the total damage reached around $38 million.
Here’s what the hacker did: They sent 4,100 Ethereum (ETH), worth about $12.6 million at the time, through a service called Tornado Cash. Tornado Cash is a tool that mixes cryptocurrency transactions to make them harder to trace (learn about it here). Only around $2 million was left in liquid assets in the wallet, which means fast-access money. The hacker also maintained control over another account linked to the wallet with a big financial deal in decentralized finance (DeFi).
What Is DeFi?
DeFi, short for decentralized finance, is a way of using financial services without traditional banks or brokers. It uses technology like blockchain to let people lend, borrow, or trade cryptocurrencies in a secure and open way (learn more here). The attacker managed to control a DeFi account on a platform called Aave. This account had about $25 million in Ethereum used as collateral (a guarantee) for borrowing more than $12 million in DAI, a type of stablecoin cryptocurrency that stays close in value to the US dollar (read about DAI here).
How Did This Hack Happen?
An analyst named Specter shared details about the hack. He explained that the whale used a one-signature multisig wallet, making it very easy for the hacker to take over. Less than 40 minutes after the crypto whale added money to the wallet, the hacker quickly drained all the funds. The hacker even switched the control of the wallet’s signature to their own address. It’s likely that the whale either accidentally leaked the wallet’s key while setting it up or trusted someone malicious to help them create it.
Another researcher suggested online that the hacker might have tricked the whale from the very beginning by secretly creating the wallet themselves. This would have given them full access to the wallet during and after its setup.
A Common Problem in Crypto Security
This kind of hack is part of a bigger problem in the cryptocurrency world: people losing their private keys or being tricked into sharing them. Private keys are like super-secure passwords that allow you to access and control cryptocurrency wallets.
One major type of trick used by hackers is something called social engineering. This is when attackers manipulate people into giving away personal information, like convincing them to trust a dangerous link or fake website (learn about social engineering here). For instance, North Korea-linked hacker groups (like the Lazarus Group, known for big cyberattacks—read about them here) often use fake interviews or bad Zoom calls to trick cryptocurrency users into downloading malware that compromises their wallets.
Even top professionals in the crypto world, like Binance founder Changpeng Zhao, have warned about this shift. Hackers now target people rather than technical flaws, pretending to be helpful employees or fake job candidates to gain access to valuable information.
The Impact of the Hack on the Whale
The stolen wallet belonged to someone who had been handling a lot of Ethereum for a long time. Earlier this year, they had withdrawn over 2,500 Ethereum from an exchange called OKX and put that money to work by staking it (a way of earning rewards by locking up cryptocurrency) through a service called Kiln Finance.
However, things got worse because the attacker didn’t just steal the funds—they are still in control of the whale’s DeFi account on Aave. If the cryptocurrency market suddenly changes, this could cause something called a forced liquidation. Imagine you borrow money but the value of your investment drops. The lender can sell your assets to recover their losses. If this happens to the whale’s account, it could cause even bigger losses.
This hack is another important example of why people in the cryptocurrency world need to be super careful with their private keys and wallet security. It’s a costly lesson showing that even high-security tools like multisig wallets are not perfect if set up incorrectly.