Man Who Recently Lost $3 Million XRP from Cold Wallet Releases Fresh Major Warning

A shocking revelation has gripped the XRP community after a crypto investor lost nearly $3 million worth of XRP in what appeared to be a cold wallet ￰1￱ incident, which initially caused widespread panic among Ellipal hardware wallet users, has now taken a new turn as the victim, YouTuber Brandon LaRoque, released an update explaining how the theft really ￰2￱ findings highlight a critical misunderstanding about how Ellipal’s wallet system operates and why millions of dollars in crypto might be at risk for those unaware of its dual setup. Brandon’s Painful Discovery Brandon, known in the crypto space for his educational content and transparency, explained in his latest video that he had been using Ellipal’s software wallet on his iPad — not the hardware cold wallet — at the time of the ￰3￱ wallet, he discovered, functions as a “hot wallet” within Ellipal’s ￰4￱ he initially believed his XRP was stored safely offline, much of it was actually in this online-accessible ￰5￱ youtuber (Brandon) who has his $3 million xrp stolen posted an ￰6￱ now has more ￰7￱ was using the software wallet from ellipal instead of the hardware ￰8￱ the software wallet on his ipad appears to have been hacked. ￰0￱ — Prophetic Money (@Prophetic_Money) October 18, 2025 According to Brandon’s breakdown, the Ellipal app contains two wallet types: a cold wallet (blue background) linked to the physical device, and a hot wallet (orange background) that exists entirely within the app and connects to the ￰9￱ now believes the theft occurred from the hot wallet, which was exposed online and thus vulnerable to malware or phishing-based ￰10￱ Ellipal’s Dual Wallet System Ellipal has long marketed itself as a pioneer in air-gapped cold wallet technology, offering devices that are completely isolated from Wi-Fi, Bluetooth, or USB ￰11￱ devices use QR code or NFC scanning to sign transactions offline, keeping private keys physically separated from the internet.

However, Brandon’s update shared through Prophetic Money on X, revealed a crucial distinction many users might ￰12￱ the cold wallet offers strong offline protection, the Ellipal app’s hot wallet is connected to the internet and therefore subject to online ￰13￱ users managing large crypto sums, misunderstanding this distinction can be ￰14￱ are on X, follow us to connect with us :- @TimesTabloid1 — TimesTabloid (@TimesTabloid1) June 15, 2025 Growing Reports of Ellipal App Vulnerabilities Brandon’s experience isn’t ￰15￱ recent months, multiple Reddit users have reported similar issues where large sums were drained from Ellipal wallets via unauthorized contract approvals they claim they never ￰16￱ incidents suggest that while the hardware devices themselves remain secure, the software interface — specifically the app’s handling of contract transactions — may be ￰17￱ cybersecurity researchers have also raised concerns about supply chain vulnerabilities in wallet software updates and potential phishing-based exploits targeting Ellipal ￰18￱ attacks, they warn, could trick users into unknowingly approving malicious transactions through the ￰19￱ Warning to Crypto Holders Brandon’s ordeal serves as a sobering reminder that “cold” doesn’t always mean “offline.” His loss underscores the importance of understanding wallet workflows and verifying where assets are truly ￰20￱ coins from the hot wallet to the cold wallet must be done manually, and any assets left in the hot wallet remain exposed to internet-based ￰21￱ Brandon emphasized in his warning — echoed by Prophetic Money — every user should audit their wallet setup immediately, ensure assets intended for long-term storage are actually held in the offline cold device, and remain cautious of software prompts and app ￰22￱ crypto market is full of sophisticated attackers, but as this case shows, sometimes the greatest vulnerability lies in misunderstanding one’s own ￰23￱ Ellipal users and the wider XRP community, this revelation could not have come at a more critical ￰24￱ : This content is meant to inform and should not be considered financial ￰25￱ views expressed in this article may include the author’s personal opinions and do not represent Times Tabloid’s ￰26￱ are urged to do in-depth research before making any investment ￰27￱ action taken by the reader is strictly at their own ￰28￱ Tabloid is not responsible for any financial ￰29￱ us on Twitter , Facebook , Telegram , and Google News