• Chris Larsen, Ripple co-founder, experiences a staggering $112.5 million XRP theft from his personal wallet.

• Hacken’s investigation traced the stolen funds through complex transactions, suggesting connections to authorized Ripple wallets.

Chris Larsen, co-founder and chairman of Ripple, faced a massive theft from his personal wallet, with losses totaling $112.5 million in XRP. The event that occurred on January 31 has been linked to possible inside links at Ripple, raising questions about security protocols at one of the top firms in the cryptocurrency space. 

Hacken disclosed these results in a report published on February 7 by the blockchain analytics platform, showing the cyberattack’s complex character and any possible ties to Ripple.

Investigation Reveals Complex Fund Movements

Hacken’s investigation into the breach disclosed an elaborate trail of transactions involving Larsen’s compromised wallets.  Additionally, the report reveals that the attacker split up the eight separate wallets containing the stolen XRP, transferring most of the money through intermediary accounts before transferring some to a Binance deposit address. The hacker’s deliberate strategy is evident from this maneuvering, suggesting possible inside connections to the incident.

Notably, roughly $70.9 million in XRP, a substantial chunk of these funds were combined into a single wallet with the address “rHyqB.” They then used a series of intermediaries, including this wallet, to launder the stolen assets, eventually depositing some into a Binance account.

Connections to Ripple Highlighted Amidst Hack Investigation

Several transactions with Larsen in the past and its involvement in the subsequent money laundering of the stolen funds have drawn attention to a specific wallet, starting with “rU1bPM4”. The wallet’s transaction history, pointing to a potential connection to approved Ripple operations, complicates the scenario surrounding the attack. Despite the complexities, Hacken cautions that it is too early to confirm the direct involvement of a Ripple employee or to draw definitive conclusions.

A closer look at the transactions related to the “rU1bPM4” wallet shows that it participated in transfers to a Kraken deposit address in 2020 worth approximately $2 million; the attacker also used this address to divert funds from the hack. According to Hacken’s analysis, this wallet had connections to XRP even prior to the hacking incident.

Moreover, last month, a highly skilled cyberattack targeted Chris Larsen, gaining access to his wallets without authorization and stealing 213 million XRP.  Hacken quickly investigated the breach, uncovering a series of transactions that led to wallets possibly linked to Ripple’s internal operations.

This intricate series of transactions demonstrates the attacker’s deliberate effort to conceal the funds’ trail. Richard Teng, the CEO of Binance, revealed that the exchange had successfully frozen $4.2 million worth of the stolen XRP. This development highlights the community’s collective efforts to lessen the consequences of such security breaches.

The breach has cast a shadow over Ripple, prompting a reevaluation of security practices within the company and the industry. The potential for insider involvement has raised serious concerns, underscoring the need for robust and transparent operational procedures to protect against similar incidents. It is worth noting that Ripple (XRP) is trading at $0.51 with a 24-hour increase of 1%.