XRPL customers face coordinated rip-off surge, pockets founder says, as attackers deploy phishing, pretend apps, and signal requests globally.
Xaman Pockets founder Wietse Wind has stated {that a} “large XRPL focused rip-off effort” is underway, warning customers about pretend signal requests, phishing emails, and impersonation accounts.
His alert factors to an increase in social engineering assaults geared toward crypto holders fairly than flaws within the blockchain code.
A Multi-Pronged Assault on XRPL Customers
Wind wrote on X on February 16 that he had spent the weekend including new filters and alerts to Xaman Pockets after detecting coordinated makes an attempt to trick customers into signing malicious transactions.
He listed a number of strategies seen in current days, together with rip-off NFTs that promise token swaps, pretend desktop pockets apps, and direct messages posing as assist workers. The official pockets account repeated the warning, telling customers to not click on hyperlinks, reply to DMs, or join wallets to unknown web sites.
In keeping with Wind, the assaults normally give attention to manipulating customers fairly than breaching software program, with the scammers increasing past social media and sending phishing emails regardless that Xaman doesn’t retailer person e-mail addresses, suggesting attackers are counting on leaked knowledge from unrelated breaches.
The tricksters are additionally reportedly selling pretend “desktop wallets,” regardless of Xaman being a strictly cellular utility. Some fraudulent tasks are even promising free tokens in alternate for customers’ secret keys.
Wind burdened that funds will stay secure if folks keep away from approving unknown transactions or sharing their keys.
You may additionally like:
“Regardless of the quantity of warnings, detection, filtering, alerts within the app and right here on social: no scammer can get you in case you do not willingly / unknowingly work together with them,” he suggested. “Your funds are completely secure in Xaman Pockets: simply do not signal any transaction you do not belief, and do not work together with anybody promising you free tokens.”
Scams Shifting Past DeFi Exploits
The XRPL rip-off wave displays a troubling industry-wide development, with a PeckShield report from earlier within the yr revealing that crypto scams and hacks drained greater than $4.04 billion in 2025.
Of that whole, $1.37 billion got here from scams alone, a 64% improve from 2024. The agency stated attackers are shifting in the direction of tailor-made phishing campaigns that concentrate on people with massive holdings as a substitute of relying solely on technical exploits.
Moreover, the PeckShield report additionally discovered that centralized platforms and firms accounted for about 75% of stolen funds final yr, up from 46% in 2024.
These high-value thefts tied to deception prolong past software program wallets. On January 17, 2026, blockchain investigator ZachXBT reported {that a} sufferer misplaced about $282 million in Bitcoin (BTC) and Litecoin (LTC) by a {hardware} pockets rip-off. In keeping with his findings, the attacker later moved the funds by THORChain and transformed them to Monero (XMR).
Wind’s posts framed the most recent marketing campaign as a reminder that pockets safety typically will depend on person selections.
“It is a cat and mouse ‘recreation,’ and the scammers is not going to win,” he said.
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this hyperlink to register and unlock $1,500 in unique BingX Change rewards (restricted time provide).
