.png){kind=logo}
Ellipal, one of the most recognized names in crypto hardware storage, is pulling out of the hot wallet business after a major $3 million XRP theft shook investor confidence. The company said it will shut down all online wallet services and redirect its full attention to offline protection technology. The move reflects growing pressure on wallet providers to strengthen security as digital asset thefts continue to rise.
In an announcement to users, Ellipal confirmed that all hot wallet operations will end by October 31, marking a complete shift to cold-wallet. The company announced that every engineering and support resource would be focused only on the offline storage devices.
Users were advised to withdraw funds from the Ellipal mobile wallet before the specified shutdown date and transfer them to other newly created, secure addresses. The company also informed that customer service would be available throughout the transition period to assist users and minimize the risk of losing funds.
Ellipal portrayed the shift as a crucial measure against the growing number of cyberattacks targeting internet-connected wallets. In its communication, the firm stated that offline protection is still the most vigorous defense available, albeit it might come with a little inconvenience.
The event that triggered this change was the case of Brandon LaRoque, a retiree living in the USA, who on October 15th discovered that approximately 1.2 million XRP had been withdrawn from his Ellipal wallet. Blockchain investigator ZachXBT was able to follow the stolen tokens through over 120 cross-chain transfers, moving them from the Ripple network to the Tron blockchain using a bridging service called Bridgers.
Investigators found that the assets were funneled through brokers linked to Huione, a Southeast Asian over-the-counter network previously flagged by U.S. authorities for money-laundering activity. Within days, the funds had been swapped and dispersed across numerous wallets, making recovery unlikely.
Ellipal later clarified that its hardware devices had not been breached. Instead, the victim had imported his recovery seed into the company’s mobile app, turning what should have been an offline wallet into one connected to the internet. That configuration allowed hackers to reach the funds remotely.
The case has reopened debate across the crypto industry about the trade-off between convenience and safety. Hot wallets, which remain connected to the internet, provide faster access but are far more exposed to phishing and malware. Cold wallets, by keeping private keys offline, offer a stronger defense against unauthorized access.
Analysts say Ellipal’s withdrawal could influence other wallet developers facing the same security challenges. With billions of dollars held in digital assets globally, even isolated incidents can cast aspersions on self-custody wallets.
The incident also raises a fundamental question for the industry: if a single user's action can turn a cold wallet into a hot wallet, how can wallet providers better inform their customers to prevent losses like this?
Ellipal's withdrawal from hot wallets is a definitive return to its cold-storage roots. The $3 million theft of XRP serves as a warning to crypto holders to protect their recovery phrases, and they clearly understand how wallet configurations can affect the safety of their digital assets.
Read More: Ripple Holders Are Accumulating This Coin as XRP’s Rally to $5 Takes Longer Than Expected
