Hundreds of cryptocurrency wallets have been quietly drained across multiple EVM-compatible networks, raising fresh concerns about wallet security as the attack continues without a confirmed entry point. The activity was flagged by on-chain investigator ZachXBT, who said the attacker is targeting a broad set of addresses rather than concentrating on high-value wallets. Individual losses have generally remained below $2,000, but the cumulative impact has grown steadily as more victims are identified. As of the latest estimates, total losses have reached roughly $107,000 and are expected to increase as additional compromised wallets surface. The pattern suggests an automated or scalable method designed to avoid immediate detection while extracting funds from a large number of users across different chains.

The lack of clarity around how the attacker gained access has heightened concern among market participants. Investigators have not yet identified a common signing event, contract interaction, or wallet software vulnerability that would explain the drain. Without a known point of compromise, the risk of continued losses remains elevated. A suspicious address linked to the activity has been flagged, but attribution beyond that remains unresolved. Security analysts note that attacks involving small per wallet losses can persist longer than high profile exploits because victims may not immediately notice missing funds. This dynamic complicates response efforts and increases the importance of user level precautions while forensic analysis continues.

The incident adds to a broader wave of security issues that have affected the crypto ecosystem in recent months. December alone saw dozens of reported exploits across protocols and wallets, resulting in tens of millions of dollars in aggregate losses. While overall exploit totals declined from the previous month, the frequency of incidents has kept pressure on infrastructure providers and wallet developers. Recent cases have highlighted how vulnerabilities can emerge not only from smart contracts but also from browser extensions, signing flows, and user interface layers that sit between users and the blockchain. Each new episode reinforces concerns that retail users remain exposed even outside of major protocol failures.

Wallet providers and security teams are monitoring the situation closely as investigations continue. Without confirmation of the attack vector, users are being urged to review recent approvals, move funds to fresh addresses if necessary, and remain cautious about signing transactions or interacting with unfamiliar applications. The episode underscores the ongoing challenge of securing self custodial wallets at scale, particularly across interconnected EVM networks where exploits can propagate quickly. As adoption expands, incidents like this are likely to remain a persistent risk factor shaping user behavior and regulatory attention around wallet standards and security practices.