2 hours ago
2
A cryptocurrency holder has claimed that attackers stole roughly $24 million in a crypto robbery following a violent assault, with blockchain security analysts now tracking the movement of the funds on-chain.
Summary
- A crypto user known as “Silly Tuna” claims attackers used violence and threats to steal roughly $24 million in digital assets.
- Blockchain security firm PeckShield said the funds were drained in an address poisoning attack and partially moved to staging wallets.
- Around $20 million in DAI is reportedly sitting in two wallets, while small portions have already been bridged to Arbitrum.
$24M crypto robbery linked to address poisoning
In a series of posts on X, a user operating under the handle “Silly Tuna” alleged that the theft occurred during a physical attack that involved weapons and threats of kidnapping and sexual violence. The user said police have been contacted and described the incident as a “violent assault and theft,” adding that the attackers targeted their crypto holdings.
“Still have limbs, phew,” the user wrote, claiming they were held down while attackers threatened them with axes and forced the transfer of funds.
Bruised, held off while I could, but can't do that much with axes over your hands and feet.
— Sillytuna (@sillytuna) March 4, 2026The victim said the stolen assets were moved to an Ethereum wallet beginning with 0x6fe0…0322 and offered a 10% bounty on any recovered funds. The user also called on blockchain investigators to help trace the transactions.
Blockchain security firm PeckShield later reported that an address linked to the victim had been drained of approximately $24 million worth of aEthUSDC, describing the incident as an address poisoning attack.
According to the firm, about $20 million in DAI linked to the exploit is currently sitting in two attacker-controlled staging wallets, each holding roughly $10 million. These wallets have not yet been mixed, suggesting the funds remain traceable for now.
PeckShield also said the attacker has begun bridging small amounts of the stolen assets to the layer-2 network Arbitrum, a move often used by attackers attempting to fragment or obscure transaction trails.
The incident highlights the growing risk of physical attacks targeting cryptocurrency holders, sometimes referred to as “wrench attacks,” where criminals use coercion or violence to force victims to hand over private keys or execute transfers.
It remains unclear whether any of the stolen funds have been recovered at press time.
English (US) · 