Ripple (XRP) Hack: Binance Seizes Stolen Funds Worth $4.2M

Figure: XRP $120 million hack, Jan 2024. Source: TRMLabs

The stolen XRP tokens were quickly transferred and laundered through multiple crypto exchanges in a series of transactions spread across many addresses.

According to TRMLabs investigations, the key addresses identified in the laundering process include:


Although efforts are ongoing to track these transactions and recover the stolen funds, the complexity of the laundering process presents significant challenges.

Binance CEO Richard Teng Announces $4.2M Stolen Funds Frozen

In a Feb 1 statement, Binance CEO Richard Teng confirmed that the exchange froze multiple accounts linked to the stolen XRP funds. At the time of the announcement, the frozen funds totalled 8.3 million XRP coins (~$4.2 million).

Teng promised his company would continue working with Ripple and relevant parties to facilitate a thorough recovery of the funds siphoned by unknown exploiters.

We will continue to support Ripple in their investigations and their efforts to retrieve back the funds, including closely monitoring the majority of funds still in the exploiter’s external wallets in case they deposit to Binance. – Richard Teng, Binance CEO

The Binance CEO also extended gratitude to blockchain sleuth ZachXBT, who first flagged the suspicious transactions on Jan. 31. Zach, a popular crypto influencer, had initially published findings of the 213 million XRP theft and the subsequent distribution of the funds across exchanges in an attempt to launder the loot.

Ripple co-founder and executive chairman Chris Larsen clarified shortly after that the funds were his. Larsen disclosed unauthorized access to his personal accounts but withheld specifics on how the breach happened.

The event is unusual because it deviated from the general hack pattern of draining funds as fast as possible and using crypto mixers like Tornado Cash to obfuscate footprints. Instead, the hack occurred over an extended period, and the exploiters stole XRP for at least 10 hours before depositing on centralized exchanges like Binance.

The latest Ripple hack is a stark reminder of the security vulnerabilities in the cryptocurrency world, emphasizing the need for enhanced security measures and vigilant monitoring by crypto exchanges and custody services providers. As the investigation continues, the incident serves as a cautionary tale about the risks associated with digital asset storage and transfer.