Bitmine, an associate of Tom Lee’s, is adding to its Ethereum hoard in a reflection of continuing confidence in the asset amid increasing price uncertainty. According to on-chain data by Lookonchain, Bitmine has staked another 162,088 $ETH worth approximately $366 million, at the time of purchase. This was a purposeful escalation of the firm’s stack and yield strategy. Following this latest deal, Bitmine has now staked a total of 4,194,029 ETH, over $9.48 billion worth of Ethereum to the network. It represents 82.59% of the entire investment portfolio of the company in Ethereum, thus highlighting dependence on staking as the main source of income. Tom Lee( @fundstrat )'s #Bitmine staked another 162,088 $ETH ($366M) 8 hours ago. In total, #Bitmine has staked 4,194,029 $ETH ($9.48B), 82.59% of its total holdings. https://t.co/P684j5YQaG pic.twitter.com/bPUyOrqgwG — Lookonchain (@lookonchain) May 1, 2026 Analysts in the market point out that such concentration of staking makes Bitmine one of the biggest institutional stakers of Ethereum, narrowing down the circulating supply and reinforcing validator participation in the network. Triple-Stacked Staking Exposure Hints at Long-Term AUM Building by Institutions The continual accumulation by Bitmine aligns with a broader institutional trend aimed at maximizing Ethereum yield in staking instead of simply holding spot crypto-assets. The firm locks up over four million ETH into staking contracts thereby committing a significant amount of capital to Ethereum’s proof-of-stake consensus process, decreasing liquid supply as they institutionalise their control over the network state. That’s being described as an aggressive staking strategy by experts who track this trend, specifically because it serves a twofold purpose: providing stable returns through the staking rewards and allowing for long term exposure to the continuously changing network fundamentals of Ethereum. It comes at a time when large funds’ participation in staking is growing, even as the market remains volatile. Put together, these trends make one thing abundantly evident: the biggest players are doubling down on Ethereum local exposure by integrating assets to staking infrastructure rather than divesting it. Dormant Ethereum Wallets Drained In Suspected Live Exploit While growth in institutional staking has grown somewhat, an onchain problem has been troubling. According to recent onchain discovery, hundreds of Ethereum wallets, many of which have been dormant for years, have been systematically drained, allegedly a series of connected activities ultimately tied back to an individual Ethereum address. In particular, numerous wallets had been out of operation for a decade+, with extremely alarming implications as to how this attacker could manage to gain entry into so long-disused accounts. Estimates suggest total losses are close to $800,000, but analysts warn that this sum is likely to rise as more compromised wallets are discovered. At the heart of the operation is a wallet displayed as Fake_Phishing2831105, with an address: 0xA707034429c8E4E01df056C0CbCf478F0FBeFAd7 Etherscan says that address is tagged “Phish / Hack”, and is related to compromise through phishing. This wallet’s recent activity includes: 591 transactions Remaining balance of about 0.0016 ETH Notable outbound transfer of 324.741 ETH to THORChain Router v4 1. 1 on April 30, 2026 At time of execution, that trade was worth around $733k. Ethereum Dormant Wallet Drain, April 30, 2026 A wallet labelled by Etherscan as Fake_Phishing2831105 has been receiving funds from many addresses and rapidly moving them through swaps and cross chain infrastructure. The address is: 0xA707034429c8E4E01df056C0CbCf478F0FBeFAd7… pic.twitter.com/CVqo9mwGAQ — MASTR (@MastrXYZ) April 30, 2026 Onchain Patterns Indicate Private Key Compromise vs Smart Contract Exploit This incident is noteworthy not only for its volume of funds, but also because of the operational structure of this attack. On-chain data suggests that this is not your traditional smart contract exploit, pseudo-freezable smart contracts, or a standard “approval drain”, in other words not just a case of users unwittingly approving malicious permissions after visiting nasty dApps. Alternatively, the pattern indicates a straightforward compromise of wallet credentials: There are steals from various unlinked wallets All assets flow into the same flagged address Funds are quickly routed through swapping/bridging protocols The attack seems to be signing transactions directly from compromised wallets, which heavily implies leaked private keys or seed phrases instead of freshly-interacted users. In this model: No new clearances are being sought There are no wallet connect prompts Transfer of funds requires no phishing confirmations The attacker already has complete signing authority. This approach raises the stakes, because the breach could lie comfortably dormant until someone attempts to transfer funds. The attacker has a pretty clear laundering path after they aggregate. Funds are: Aggregated from different hacked wallets Split into smaller intermediate transfers Routed through services to swap it out for MATIC and other Finally passed to THORChain Router v4 1. 1 THORChain transaction passed successfully and had a memo with the outbound Bitcoin destination to prove that his intention was to take money away from the Ethereum ecosystem. That’s a laundering pipeline, not an opportunistic heist. Security Warning And Implications For Holders Using Old Wallet There is no evidence of an exploit at the protocol level in Ethereum itself, but this underlying fact creates a core security problem : if the private key controlling the account is insecure, your assets have been stolen. Eth is still processing transactions as it is supposed to; private keys corresponding to older wallets could have been hacked long ago, and are only now being scraped through in bulk. As per community reports, many of the impacted wallets were: Dormant for extended periods Created in early time of Ethereum adoption Carrying small but nonzero balances That also indicates a persistent, low-frequency security risk: wallets left unattended are hacked in silence. The central message is pressing and conspicuous: lack of activity does not hold security. Users are strongly advised to: Audit of all legacy Ethereum wallets Do not reuse old seed phrases Segregate remaining funds to newly generated wallets which are safe Your old backups or wallets stored inside a device can be vulnerable As it stands, the network behaves according to specification, valid signatures are processed flawlessly. The real worry is that exposed keys would be used again after years of inactivity. This incident highlights the truism that in cryptocurrency security, time doesn’t heal all wounds, it often only delays their revelation, even as investigations continue. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !
