Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Anthropic’s Claude Fable 5 Crypto Hacks
    Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses
    CLARITY Act Stalls Why Senate's August Recess Puts US Crypto Rules at Risk
    CLARITY Act Stalls: Why Senate’s August Recess Puts US Crypto Rules at Risk
    Three Stories, One Pattern Why Binance Is Having Its Worst Week Since the Pardon
    Three Stories, One Pattern: Why Binance Is Having Its Worst Week Since the Pardon
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Inside the Trump Family’s $1.2B Crypto Windfall Who Paid the Price
    Inside the Trump Family’s $1.2B Crypto Windfall: Who Paid the Price?
  • Opinion
    OpinionShow More
    The Bitcoin Treasury Blueprint What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    The Bitcoin Treasury Blueprint: What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
Industry

Ledger Under Scrutiny: 30K USDC Vanishes from Air-Gapped Wallet

User claims that the recovery phrase for his Ledger device was never shared, photographed, digitized, or entered anywhere, still the funds are drained.

Written By Gopal Solanky Gopal Solanky
Fact Checked by Divya Mistry Divya Mistry
Published 2026-03-03·Updated 4 months ago
Make The Crypto Times preferred on GoogleGoogle
Share
Ledger Under Scrutiny: 30K USDC Vanishes from Air-Gapped Wallet

Key Highlights

  • The affected Ledger user insists that recovery phrase never been exposed, wallet used only on dedicated new MacBook, untouched for weeks—still it got drained.
  • 30,000 USDC transferred to Bitget exchange while native SOL (~2,000) remained safe until manually moved out.
  • User adamant no dApp interaction or transaction signed recently, yet drain occurred—sparking debate on Ledger/Solana security risks.

A crypto trader has gone public with an alarming claim that roughly 30,000 USDC vanished from his hardware-secured wallet on the Solana blockchain without any action on his part. 

The user, who goes by the username of Canissolan, shared a detailed post on X and laid out extreme precautions he took to protect his assets. The user insists that the recovery phrase for his Ledger device was never shared, photographed, digitized, or entered anywhere, still the funds were drained. 

He emphasized that his hardware wallet connects only to a dedicated MacBook bought specifically for Ledger use and no history of browsing, downloads, or connection to other crypto apps or sites. The device never even touched any other computer, and he hadn’t even opened the Ledger wallet for several weeks before spotting the drain. 

I am reporting an unauthorized withdrawal of approximately 30,000 USDC from my Ledger-secured wallet.

The wallet was protected by a @Ledger hardware device. The recovery phrase (private keys) has never been shared, digitized, photographed, typed, or exposed to any third party.… pic.twitter.com/NuVNri2QWf

— Canis (@Canissolana) March 2, 2026

“I did not initiate, confirm, or sign any transaction authorizing this withdrawal,” he wrote, adding he’s “100% certain” no one gained physical access to the device or laptop. He discovered the transfer while checking blockchain records on Solscan, with the USDC moving out to Bitget, a leading crypto exchange. Notably, he held around 2,000 SOL in the same wallet, which remained untouched until he manually sent it to a centralized exchange afterward. 

The trader tagged Ledger support and blockchain investigator ZachXBT, demanding answers about how the transaction could occur under such locked-down conditions. He shared screenshots of his setup and transaction details to back his story.

Divided community opinions

Responses from the crypto community split quickly. Some users expressed sympathy and outrage, calling on Ledger to explain or even threatening to ditch their devices. Others pointed to a common Solana vulnerability where if a user ever approves a malicious transaction, an attacker can change the authority on specific token accounts like USDC. Once that happens, they can drain those tokens later without needing another signature from the owner. 

The case highlights ongoing questions about hardware wallet security on fast-moving chains like Solana, where user-approved actions can create lasting risks, even for those who follow strict protocols. At press time, Ledger had not yet publicly commented on this specific incident.

Update: Ledger’s response at 11:31 UTC

Ledger replied to the post on X, expressing sympathy while confirming that its team reviewed the on-chain data. They stated clearly that the transaction was cryptographically signed using the wallet’s private keys, which means it was physically approved directly on the Ledger hardware device itself via button presses. It ruled out remote hacks, recovery phrase leaks, or any hardware/firmware vulnerability in the Ledger device. Instead, Ledger attributed the incident to a common “blind signing” attack, where users are tricked—often via phishing sites posing as airdrops, NFT mints, or wallet verifications—into approving a seemingly harmless transaction that actually includes malicious instructions (like creating a new token account and transferring funds).

Ledger stressed, “This does not mean the recovery phrase was compromised, and it does not point to a vulnerability in the Ledger hardware. It does mean that at some point, a transaction was physically approved on the device. We’d strongly encourage you to continue working directly with our support team so we can walk through the full timeline together and help with next steps.”

The post ended with a reminder the community to always verify details carefully on the device’s secure screen using Clear Signing and to reject anything unexpected or untrusted.

Also read: Iran Crypto Withdrawals Surged 700% After US-Israel Airstrikes

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

TAGGED:Crypto ScamStablecoin
Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link
Gopal Solanky, Senior Reporter for Markets and Protocols at The Crypto Times
By Gopal Solanky Sr. Crypto Journalist
Follow:
Gopal Solanky is a Senior Reporter for Markets & Protocols at The Crypto Times, based in Ahmedabad. He covers institutional crypto adoption, Bitcoin treasury strategies, DeFi markets, protocol ecosystems, Ethereum network activity, Hyperliquid, on-chain trends, and broader digital asset market movements. Gopal has been active in the crypto ecosystem for more than six years. Before joining The Crypto Times full-time in 2023, he worked as a freelance crypto content writer, developing a strong understanding of blockchain infrastructure, DeFi protocols, market cycles, token mechanics, and peer-to-peer systems. His reporting focuses on explaining how protocols work, why market movements happen, and how institutional and on-chain activity affects crypto investors and builders. At The Crypto Times, Gopal also hosts on-the-record interviews with regional Web3 founders, protocol teams, and ecosystem leaders. His work has been cited by external publications, including Vulture.com, in coverage of major crypto stories such as the Hawk Tuah memecoin controversy. His reporting has also contributed to The Crypto Times’ coverage of major industry events, including FTX-related developments, institutional crypto adoption, and emerging protocol narratives. Gopal holds a Bachelor’s degree in Computer Applications, giving him a technical foundation for analyzing blockchain systems, crypto infrastructure, and market data.
Divya Mistry
By Divya Mistry
Follow:
Divya Mistry is the Senior Editor at The Crypto Times. She leads the central editorial desk, overseeing the review and publication of policy analyses, investigative reports, exchange coverage, and protocol exploit stories. Her editorial remit spans digital asset markets, global exchange operations, cross-border digital asset settlements, regulatory developments, and other key developments shaping the cryptocurrency industry. Divya brings more than a decade of experience in editorial strategy, content development, public relations, marketing communications, and research. Before joining The Crypto Times, she worked across multiple sectors, including finance, technology, education, healthcare, real estate, entertainment, lifestyle, and vertical transport, contributing to both digital and print publications. Her research and content work has been featured on platforms including DNA India, Zee, Forbes, and Elevator World India. She holds a Master's degree in English Literature from the University of Mumbai. Drawing on her background in long-form publishing, research, and editorial leadership, she reviews and refines complex stories to ensure accuracy, clarity, and strong editorial standards before publication.

Latest News

Bitcoin Price Reclaims $63,000 Amid Debate: Fresh Bottom or Temporary Reprieve?
Bitcoin Price Reclaims $63,000: Fresh Bottom or Temporary Reprieve?
CLARITY Act Faces Aug. 7 Deadline as July 4 Target Slips and Obstacles Mount
CLARITY Act Faces Aug. 7 Deadline as July 4 Target Slips and Obstacles Mount
The Bitcoin Treasury Blueprint What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
The Bitcoin Treasury Blueprint: What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
Coinbase AI Hallucinates Brazil vs Norway FIFA World Cup Match Result
Coinbase AI Hallucinates Brazil vs Norway FIFA World Cup Match Result
Binance French Users Face Crypto Withdrawal Chaos After MiCA License Loss
Binance French Users Face Crypto Withdrawal Chaos After MiCA License Loss

Find Us on Socials

You may also like

Pak Deputy PM Ishaq Dar's Relative Arrested in Crypto Extortion Case

Pak Deputy PM Ishaq Dar’s Relative Arrested in Crypto Extortion Case

Algorand Calls for Shared Post-Quantum Crypto Security Standards

Algorand Calls for Shared Post-Quantum Crypto Security Standards

Vitalik Buterin Unveils Lean Ethereum Roadmap for Next Era

Vitalik Buterin Unveils Lean Ethereum Roadmap for Next Era 

Bitcoin Miner IREN Awards Co-CEOs $700M in Stock

Bitcoin Miner IREN Awards Co-CEOs $700M in Stock

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information