Ripple was not hacked for $112M XRP — but its co-founder was
ZachXBT flagged the outflows, which took place on Tuesday

Ripple co-founder Chris Larsen | Kevin Moloney/Fortune Brainstorm TECH/"Fortune Brainstorm TECH 2014″ (CC license)
An on-chain detective has flagged odd XRP outflows worth roughly $112 million from addresses linked to Ripple Labs.
ZachXBT, in a post on X Wednesday, said that Ripple seemed to have been hacked for 213 million XRP.
However, Ripple co-founder Chris Larsen responded that his Ripple accounts had been compromised, not Ripple itself.
Larsen said there had been “unauthorized access to a few of my personal XRP accounts.”
“We were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved,” he added.
The stolen funds, ZachXBT found, were laundered through crypto exchanges including Gate, Binance, Kraken, OKX, HTX, HitBTC, and MEXC.
He highlighted roughly 8 addresses tied to the alleged theft.
Read more: Security review competition will offer a bounty of $1.2M
The timestamps for the transactions stand out, however, as they took place on Tuesday ranging from early on in the day to late Tuesday night. Ripple Labs or Larsen had not publicly disclosed the attack until ZachXBT’s posts on social media.
“The sheer number of [transactions] to exchanges in a short time span should tell you enough,” ZachXBT said in a follow up post. “Ripple team is not going to use a small instant exchange like FixedFloat in size.”
Following the post on X, XRP fell over 5%. It has since bounced back as of publication.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: Unpacking crypto and the markets.
- Empire: Crypto news and analysis to start your day.
- Forward Guidance: The intersection of crypto, macro and policy.
- 0xResearch: Alpha directly in your inbox.
- Lightspeed: All things Solana.
- The Drop: Apps, games, memes and more.
- Supply Shock: Bitcoin, bitcoin, bitcoin.