Ripple was not hacked for $112M XRP — but its co-founder was

ZachXBT flagged the outflows, which took place on Tuesday

share

An on-chain detective has flagged odd XRP outflows worth roughly $112 million from addresses linked to Ripple Labs.

ZachXBT, in a post on X Wednesday, said that Ripple seemed to have been hacked for 213 million XRP.

However, Ripple co-founder Chris Larsen responded that his Ripple accounts had been compromised, not Ripple itself.

Larsen said there had been “unauthorized access to a few of my personal XRP accounts.”

“We were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved,” he added.

Loading Tweet..

The stolen funds, ZachXBT found, were laundered through crypto exchanges including Gate, Binance, Kraken, OKX, HTX, HitBTC, and MEXC.

Loading Tweet..

He highlighted roughly 8 addresses tied to the alleged theft. 

Read more: Security review competition will offer a bounty of $1.2M

The timestamps for the transactions stand out, however, as they took place on Tuesday ranging from early on in the day to late Tuesday night. Ripple Labs or Larsen had not publicly disclosed the attack until ZachXBT’s posts on social media.

“The sheer number of [transactions] to exchanges in a short time span should tell you enough,” ZachXBT said in a follow up post. “Ripple team is not going to use a small instant exchange like FixedFloat in size.”

Following the post on X, XRP fell over 5%. It has since bounced back as of publication.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.png

Research

Content Delivery Networks (CDNs) represent low-hanging fruit in a massive market ripe for Web3-driven disruption. The global CDN market was valued at ~$28B in 2024, and is projected to surpass $140B by 2034, (18.75% CAGR) underscoring the immense demand for efficient content delivery.

article-image

The $135 million raise shows that TradFi giants are serious about crypto adoption

article-image

The banking system still processes payments like it’s 1975. Crypto might have a fix.

article-image

Fiserv’s launch follows Senate passage of the GENIUS Act for stablecoin regulation.

article-image

Bitcoin is emerging as “the new standard for long-term corporate resilience,” Swan Bitcoin CIO says

article-image

Cybersecurity experts explain how the attack could have been prevented