Kraken User Loses $18.2M in Social Engineering Crypto Attack

Severity: High (Score: 69.0)

Sources: Mexc.Co, News.Bitcoin

Summary

A Kraken user has lost approximately $18.2 million in a suspected social engineering attack, as reported by blockchain investigator ZachXBT on March 31, 2026. The attack involved manipulation techniques, likely phishing or impersonation, rather than a breach of Kraken's infrastructure. Following the theft, the stolen funds have begun moving across blockchains, with initial transfers from Ethereum to Bitcoin using Thorchain. Early on-chain data indicates that around 878 ether, valued at $1.8 million, was part of the laundering process. The attacker is using multiple wallet addresses and a Safepal wallet to obscure the trail of the stolen assets. This incident highlights the increasing sophistication of social engineering attacks in the cryptocurrency space, where user behavior is targeted rather than technical vulnerabilities. Security experts emphasize the importance of user awareness and robust security practices to mitigate such risks. The ongoing movement of the stolen funds is being tracked by analysts in real time. Key Points: • A Kraken user lost $18.2 million due to a suspected social engineering attack. • The attack involved phishing tactics rather than exploiting exchange vulnerabilities. • Stolen funds are being laundered across blockchains using Thorchain and a Safepal wallet.

Key Entities

• Phishing (attack_type)
• Kraken (ransomware_group)
• hokanews.com (domain)
• T1566 - Phishing (mitre_attack)
• Bitcoin (platform)
• Safepal (platform)
• THORChain (platform)
• Ethereum (company)