Violent attack on trader Sillytuna exposes a growing risk as criminals target crypto holders directly instead of exploiting smart contracts.
A crypto trader known as Sillytuna lost more than $24 million in digital assets after a violent physical attack. Threats reportedly forced the victim to grant access to personal wallets holding large stablecoin balances. Within hours, the funds were moved across several blockchain addresses. Investigators and on-chain analysts are now tracking the assets as the crypto community attempts to block further transfers.
Attackers Distribute Stolen Crypto Funds Across Wallets to Slow Tracking Efforts
Sillytuna is known for active participation in decentralized finance, particularly within the Aave ecosystem. Most of the stolen crypto funds consisted of AUSD stablecoins connected to DeFi positions. Attackers transferred the assets directly from personal wallets soon after gaining access.
$24 million dollar theft of AUSD from 0x6fe0fab2164d8e0d03ad6a628e2af78624060322
Involved violence, weapons, kidnapp and rape threats. Obvs police involved.
Please pass on to all those who trace such things.
And now… definitely out of crypto. ****ers.
Still have limbs,…
— Sillytuna (@sillytuna) March 4, 2026
Blockchain analysts quickly flagged the suspicious transactions. Researchers and tracking groups began monitoring the destination wallets while law enforcement received alerts about the incident.
Roughly $20 million in DAI later appeared across two Ethereum addresses linked to the theft. DAI remains a widely used stablecoin in decentralized finance. Its compatibility with crypto privacy tools like Tornado Cash makes tracing and recovery more difficult.
Early transactions show the attacker splitting funds into multiple wallets. Breaking assets into smaller portions often slows tracking efforts and complicates recovery attempts.
Investigators also identified about $1.1 million in Bitcoin held in another address tied to the exploit. Part of the stolen assets passed through the Wagyu bridge, allowing transfers to the Arbitrum network.
Researchers contacted several crypto platforms requesting restrictions on the flagged addresses. Calls were also made to Hyperliquid to freeze funds connected to the attack. No confirmation has emerged on whether any restrictions were applied.
Funds Sit Idle as Researchers Watch for Laundering Attempts
Wagyu’s creator responded publicly, stating the bridge will not freeze funds under any circumstances. The developer added that addresses may be blacklisted in a similar manner to Railgun.
Movement of the stolen crypto funds slowed after the initial transfers. Only a small portion crossed the Wagyu bridge before activity paused.
According to Arkham Intelligence, large amounts of the stolen DAI remain parked in the original wallets linked to the theft. Analysts believe the attacker may move the funds slowly to avoid drawing attention.
Past incidents tied to North Korean hacking groups often involve rapid laundering through multiple services.
Direct attacks on individuals may now present a simpler route for criminals than targeting complex smart contracts. Public traders and crypto personalities often face greater exposure due to visible on-chain holdings.
Sillytuna Offers 10% Bounty as Investigators Track Wallets Linked to $24M Theft
Sillytuna has offered a 10% bounty for the recovery of the crypto funds. Investigators are sharing wallet addresses across protocols in an effort to intercept transfers.
Blockchain records also link the destination wallets to a known scam address that begins with “0xbeef.” Past activity links the wallet to rug pulls and malicious contract deployments.
The case reveals both the strengths and limitations of blockchain tracking. Even though cn-chain analysis can quickly trace movements, decentralized protocols often lack clear rules for freezing stolen assets.
#Crypto #Holder #Targeted #Violent #Attack #24M #Stablecoins #Drained
