On Tuesday, hackers stole around $112 million of the Ripple-focused cryptocurrency XRP from a crypto wallet, Ripple’s co-founder and executive chairman has disclosed.
Ripple’s Chris Larsen said on Wednesday that the stolen crypto was his. Larsen wrote on X (previously Twitter) that “there was unauthorized access to a few of my personal XRP accounts (not Ripple) — we were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved.”
Larsen wrote the post less than an hour after the well-known crypto security researcher ZachXBT broke news of the hack.
Do you have more information about this hack? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email email@example.com. You also can contact TechCrunch via SecureDrop.
In a post on X, the crypto security researcher added that the stolen XRP funds have already been laundered through several crypto exchanges and platforms, including Binance and Kraken. Binance spokesperson Simon Matthews told TechCrunch that the company is “aware and actively supporting the investigation.”
“We are aware of the incident. We have an incident response capability and undertake proactive review of open source to identify incidents such as this, engage with victims and prevent Kraken from being used in this way,” Kraken spokesperson Megan Thorpe told TechCrunch in an email.
However, the details of who controls and owns the hacked wallet is murky, as it may — or may not be — Ripple’s wallet.
According to on-chain data from XRPScan, the hacked wallet was called “Ripple (50)” and was activated by a separate wallet called “~FundingWallet1” on November 5, 2018. The ~FundingWallet1 was activated by Larsen’s account on February 6, 2013, about a month after his own account, ~chrislarsen, was created.
When TechCrunch reached out to Ripple, the company’s spokesperson Stacey Ngo referred to Larsen’s post and said that “Ripple was not impacted.”
Ripple has been around since 2012 and aims to be a payments and enterprise infrastructure provider made up of a network, protocol and decentralized public ledger called XRP Ledger. The network’s token, XRP, has a market capitalization of $27.4 billion and has fallen about 4% on the day following the news of the hack, according to CoinMarketCap data.
Now, some XRP holders are calling for the co-founders to disclose their crypto wallets and XRP holdings in an effort to improve transparency, while others like Thinking Crypto podcast host Tony Edward are calling for Larsen to “distance himself from Ripple as much as possible.”
This hack is the largest theft of cryptocurrency in 2024 so far, and the twentieth largest theft of cryptocurrency in recorded history, based on data collected by Rekt, a website that tracks web3 and crypto breaches.
Last year, hackers stole around $2 billion in cryptocurrency, according to crypto security firms that track these types of hacks.
This story was updated to include a statement from Kraken’s spokesperson.