Chris Larsen, Ripple Co-Founder, Hacked for $112.5 Million

On the evening of January 31, the Twitter community reported that Ripple had been hacked, resulting in an estimated loss of $112.5 million.

Ripple (XRP) Hacked for $112.5 Million

Update:

Ripple co-founder Chris Larsen subsequently acknowledged that "a few" personal accounts were compromised by malicious actors, leading to fund withdrawals. Larsen stated that he has contacted law enforcement agencies to investigate the incident, emphasizing that only personal assets were affected and that Ripple itself was not involved.

Original post:

The initial information was shared by "on-chain detective" ZachXBT on his personal Twitter account. Specifically, a wallet with the address "rJNL...Qojm" showed suspicious XRP transactions of unknown origin.

According to browser data, this wallet address is labeled as Ripple (50), associated with Ripple's domain and Twitter account.

Details of the hacked Ripple wallet rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm. Source: XRPScan

The Ripple (50) wallet was created in 2018 and has been linked historically to Ripple's Funding wallet and that of co-founder Chris Larsen.

History of the Ripple (50) wallet. Source: XRPScan

At the time of writing, approximately 213 million XRP tokens (approximately $112.5 million USD) were transferred. These funds quickly dispersed across exchanges such as MEXC, Gate, Binance, Kraken, OKX, HTX, and HitBTC.

However, some accounts noted that these transactions appeared over 10 hours ago without any preventive actions taken. Therefore, it's speculated that the hacker quietly moved tokens to centralized exchanges (CEXs) to gradually liquidate and avoid detection.

Following this incident, XRP experienced fluctuations, dropping approximately 4.3% to around $0.5 USD.

1-hour chart of XRP/USDT pair on Binance at 09:35 AM on January 31, 2024.