A shocking revelation has gripped the XRP community after a crypto investor lost nearly $3 million worth of XRP in what appeared to be a cold wallet breach. The incident, which initially caused widespread panic among Ellipal hardware wallet users, has now taken a new turn as the victim, YouTuber Brandon LaRoque, released an update explaining how the theft really happened.
His findings highlight a critical misunderstanding about how Ellipal’s wallet system operates and why millions of dollars in crypto might be at risk for those unaware of its dual setup.
Brandon’s Painful Discovery
Brandon, known in the crypto space for his educational content and transparency, explained in his latest video that he had been using Ellipal’s software wallet on his iPad — not the hardware cold wallet — at the time of the hack.
This wallet, he discovered, functions as a “hot wallet” within Ellipal’s ecosystem. While he initially believed his XRP was stored safely offline, much of it was actually in this online-accessible environment.
the youtuber (Brandon) who has his $3 million xrp stolen posted an update. he now has more info. he was using the software wallet from ellipal instead of the hardware wallet. so the software wallet on his ipad appears to have been hacked.https://t.co/FXSZGLSZAz
— Prophetic Money (@Prophetic_Money) October 18, 2025
According to Brandon’s breakdown, the Ellipal app contains two wallet types: a cold wallet (blue background) linked to the physical device, and a hot wallet (orange background) that exists entirely within the app and connects to the internet.
He now believes the theft occurred from the hot wallet, which was exposed online and thus vulnerable to malware or phishing-based attacks.
Understanding Ellipal’s Dual Wallet System
Ellipal has long marketed itself as a pioneer in air-gapped cold wallet technology, offering devices that are completely isolated from Wi-Fi, Bluetooth, or USB connections. These devices use QR code or NFC scanning to sign transactions offline, keeping private keys physically separated from the internet.
However, Brandon’s update shared through Prophetic Money on X, revealed a crucial distinction many users might overlook. While the cold wallet offers strong offline protection, the Ellipal app’s hot wallet is connected to the internet and therefore subject to online vulnerabilities. For users managing large crypto sums, misunderstanding this distinction can be disastrous.
We are on X, follow us to connect with us :- @TimesTabloid1
— TimesTabloid (@TimesTabloid1) June 15, 2025
Growing Reports of Ellipal App Vulnerabilities
Brandon’s experience isn’t isolated. In recent months, multiple Reddit users have reported similar issues where large sums were drained from Ellipal wallets via unauthorized contract approvals they claim they never granted.
These incidents suggest that while the hardware devices themselves remain secure, the software interface — specifically the app’s handling of contract transactions — may be exploitable.
Some cybersecurity researchers have also raised concerns about supply chain vulnerabilities in wallet software updates and potential phishing-based exploits targeting Ellipal users. Such attacks, they warn, could trick users into unknowingly approving malicious transactions through the app.
The Warning to Crypto Holders
Brandon’s ordeal serves as a sobering reminder that “cold” doesn’t always mean “offline.” His loss underscores the importance of understanding wallet workflows and verifying where assets are truly stored. Transferring coins from the hot wallet to the cold wallet must be done manually, and any assets left in the hot wallet remain exposed to internet-based risks.
As Brandon emphasized in his warning — echoed by Prophetic Money — every user should audit their wallet setup immediately, ensure assets intended for long-term storage are actually held in the offline cold device, and remain cautious of software prompts and app updates.
The crypto market is full of sophisticated attackers, but as this case shows, sometimes the greatest vulnerability lies in misunderstanding one’s own tools. For Ellipal users and the wider XRP community, this revelation could not have come at a more critical time.
Disclaimer: This content is meant to inform and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not represent Times Tabloid’s opinion. Readers are urged to do in-depth research before making any investment decisions. Any action taken by the reader is strictly at their own risk. Times Tabloid is not responsible for any financial losses.
Follow us on Twitter, Facebook, Telegram, and Google News
