Ripple was not hacked for $112M XRP — but its co-founder was
ZachXBT flagged the outflows, which took place on Tuesday
Ripple co-founder Chris Larsen | Kevin Moloney/Fortune Brainstorm TECH/"Fortune Brainstorm TECH 2014″ (CC license)
An on-chain detective has flagged odd XRP outflows worth roughly $112 million from addresses linked to Ripple Labs.
ZachXBT, in a post on X Wednesday, said that Ripple seemed to have been hacked for 213 million XRP.
However, Ripple co-founder Chris Larsen responded that his Ripple accounts had been compromised, not Ripple itself.
Larsen said there had been “unauthorized access to a few of my personal XRP accounts.”
“We were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved,” he added.
The stolen funds, ZachXBT found, were laundered through crypto exchanges including Gate, Binance, Kraken, OKX, HTX, HitBTC, and MEXC.
He highlighted roughly 8 addresses tied to the alleged theft.
Read more: Security review competition will offer a bounty of $1.2M
The timestamps for the transactions stand out, however, as they took place on Tuesday ranging from early on in the day to late Tuesday night. Ripple Labs or Larsen had not publicly disclosed the attack until ZachXBT’s posts on social media.
“The sheer number of [transactions] to exchanges in a short time span should tell you enough,” ZachXBT said in a follow up post. “Ripple team is not going to use a small instant exchange like FixedFloat in size.”
Following the post on X, XRP fell over 5%. It has since bounced back as of publication.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
