A crypto whale has suffered losses of more than $27 million after a private key compromise allowed an attacker to drain funds from what was believed to be a secure multisignature wallet, highlighting persistent security risks even in hardened custody setups.

#PeckShieldAlert A whale's Multisig was drained of ~$27.3M due to a private key compromise.

The drainer has laundered $12.6M (4,100 $ETH) via #TornadoCash and retains ~$2M in liquid assets.

The drainer also controls the victim's multisig, which maintains a leveraged long… pic.twitter.com/1Ulk4X7bkl
— PeckShieldAlert (@PeckShieldAlert) December 18, 2025

Blockchain security firm PeckShield flagged the incident in an alert posted on X, stating that a whale’s multisig wallet was emptied after one of its private keys was compromised.

Multisignature wallets are designed to reduce single points of failure by requiring multiple approvals for transactions, but the breach suggests that access to a critical key was sufficient for the attacker to take control.

On-chain data reviewed by PeckShield shows that the drainer quickly began laundering the stolen assets through Tornado Cash, a privacy-focused crypto mixer often used to obscure transaction trails.

According to the firm, roughly $12.6 million, or about 4,100 ETH, has already been routed through the mixer. The attacker is still estimated to hold around $2 million in liquid, unwashed assets.

Beyond the immediate theft, the situation is complicated by the attacker’s apparent control over the victim’s multisig wallet, which remains active on decentralized lending platform Aave.

On Aave, the compromised wallet reportedly maintains a large leveraged long position, with approximately $25 million worth of ETH supplied as collateral against $12.3 million in borrowed DAI.

This creates additional risks, as the attacker could manipulate or unwind the position, potentially triggering liquidations or further losses depending on market conditions.

Security analysts note that such scenarios underline how compromised governance or control keys can have cascading effects across DeFi protocols, even when the initial exploit is limited to wallet access.

The incident serves as a stark reminder that multisig wallets are only as secure as their key management practices. While multisigs reduce risk compared to single-key wallets, improper key storage, social engineering, or operational lapses can still turn them into a single point of failure.

As the attacker continues to move funds on-chain, investigators and blockchain monitoring firms are tracking the addresses involved. However, once assets pass through privacy mixers, recovery becomes significantly more challenging, reinforcing ongoing debates around wallet security standards and the use of privacy tools in crypto markets.

Whale’s Multisig Drained of $27M in Major Private Key Breach