Last week’s massive crypto crash didn’t just hit traders, it also wiped out millions in stolen funds held by hackers who, caught in the panic, misplayed the market with disastrous timing.
Blockchain sleuth Lookonchain has tracked at least six wallets linked to known hackers that lost more than $13.4 million after panic-selling ether during the downturn.
The hackers in question appear to be part of a group of cybercriminals who have recently engaged in cryptocurrency theft. The mention of “6 hacker wallets” losing over $13.4 million suggests a coordinated effort, possibly linked to a known hacking syndicate.
Buying high, selling low
The sell-off began when one wallet offloaded 7,816 ETH at $3,728 per coin, a move that coincided with the steepest part of the crash. As prices dropped further, five more wallets followed suit, contributing to the broader market dump.
However, rather than holding the sold assets in stablecoins or attempting to launder the ETH, the hackers rebought the same amount — 7,816 ETH — at $4,159 as the markets bounced back, locking in another round of losses.
By Oct. 18, blockchain analysis revealed that the total loss from these trading missteps reached $13.4 million.
Given the scale of the funds (about $29 million in the latest transaction alone), these hackers are likely sophisticated actors with access to advanced tools for exploiting vulnerabilities in decentralized finance (DeFi) protocols, exchanges, or smart contracts.
Panic selling
The hackers’ trading patterns during volatile market conditions suggest that while they’re experienced in exploiting the ecosystem’s players, they react to market swings like any other over-leveraged trader would: with poor timing and emotional decision-making.
Lookonchain labeled the behavior as “panic selling,” while some crypto observers even joked that the attackers might be “great hackers, terrible traders.”
It wasn’t all their money
However, the hackers likely acquired those funds through hacking. So while the losses are real, the funds were likely not earned but stolen.
Blockchain analysts believe the ETH originated from earlier attacks, meaning the hackers were trading with assets they hadn’t bought in the first place.
In that sense, the losses may not hurt in the way they would for ordinary traders.
Think of it this way: someone finds a suitcase of cash, gambles it poorly, and walks away empty-handed. They’re worse off than before but not out-of-pocket, since the money they lost wasn’t theirs in the first place.
Maybe the hacker group should’ve just stuck with hacking and maybe start looking for a portfolio manager for criminals. Still, the missteps reveal something about the current state of the crypto landscape. Even sophisticated attackers can falter under pressure.
Wash trading
There’s another possibility out there. While they were ‘terrible traders’, they may also have been laundering their ill-gotten gains through these trades, strategically dumping tainted funds during the panic to then buy back clean funds, even if at a loss.
As one X poster said, “It’s a form of money laundering. While they are puking, on the other side, they are buying. Then they reverse after it rises. Loose the stolen money, earn on fresh money.”
The Oct. 10 market correction affected traders across the board, triggered by a combination of macroeconomic pressures and thinning liquidity in decentralized markets that led to a $500 billion slump.
While hacks and exploits are usually viewed in isolation, last week’s developments show how on-chain markets, by design, apply the same rules to everyone: whether they’re retail traders, whales, or hackers.
