Ripple was not hacked for $112M XRP — but its co-founder was

ZachXBT flagged the outflows, which took place on Tuesday

share

An on-chain detective has flagged odd XRP outflows worth roughly $112 million from addresses linked to Ripple Labs.

ZachXBT, in a post on X Wednesday, said that Ripple seemed to have been hacked for 213 million XRP.

However, Ripple co-founder Chris Larsen responded that his Ripple accounts had been compromised, not Ripple itself.

Larsen said there had been “unauthorized access to a few of my personal XRP accounts.”

“We were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved,” he added.

Loading Tweet..

The stolen funds, ZachXBT found, were laundered through crypto exchanges including Gate, Binance, Kraken, OKX, HTX, HitBTC, and MEXC.

Loading Tweet..

He highlighted roughly 8 addresses tied to the alleged theft. 

Read more: Security review competition will offer a bounty of $1.2M

The timestamps for the transactions stand out, however, as they took place on Tuesday ranging from early on in the day to late Tuesday night. Ripple Labs or Larsen had not publicly disclosed the attack until ZachXBT’s posts on social media.

“The sheer number of [transactions] to exchanges in a short time span should tell you enough,” ZachXBT said in a follow up post. “Ripple team is not going to use a small instant exchange like FixedFloat in size.”

Following the post on X, XRP fell over 5%. It has since bounced back as of publication.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Featured.png

Research

Helium stands at a pivotal moment in its evolution as a decentralized wireless network, balancing rapid growth, economic restructuring, and global expansion. With accelerated growth in domestic DAUs and Hotspots supporting its network, Helium is leveraging strategic partnerships and innovative proposals to scale internationally. The recent implementation of HIP 138, “Return to HNT,” has unified its token economy under HNT, simplifying participation and strengthening liquidity, while HIP 139’s phase-out of CBRS refocuses efforts on scalable Wi-Fi offload. Meanwhile, governance shifts under HIP 141 raise questions about centralization as Nova Labs consolidates control over the roadmap.

article-image

In 2011, WikiLeaks faced a financial blockade imposed by the US government. It was Bitcoin’s first major test.

article-image

Kado’s founder Emery Andrew spoke to Blockworks about the acquisition and what’s next for the team

article-image

LayerZero’s Bryan Pellegrino chatted with Blockworks about the firm’s next steps and its 10-year runway

article-image

Colosseum co-founder Matty Taylor is seeing “high-performance [Solana] founders showing a lot of interest in private trading technology”

article-image

Executives weigh the growth potential they see in the public stock and private credit/equities arenas

article-image

Players can stake ME, trade tokens and link wallets to climb the leaderboard