Anonymized case study
A $234k USDC drain, traced in minutes
A real Solana wallet was swept of its entire USDC balance in two transfers, 68 seconds apart. Addresses are redacted; every figure below comes from public on-chain data the report indexed automatically.
$233.8k
USDC drained
2
transfers
68 sec
drain window
1
recipient wallet
What happened
The victim's self-custody wallet (81RYqD…Rq81a) held a large USDC balance. Within a 68-second window, the entire balance moved out in two SPL token transfers to a single unlabeled wallet (7uTT8X…i8pZ). No SOL and no NFTs were touched — a signature pattern consistent with a leaked seed phrase or a maliciously-signed transaction, not a contract exploit.
What the report did automatically
- Scoped the incident day by value. Instead of guessing from transaction counts, it locked onto the day with the highest-value outflow — isolating the two USDC legs that mattered out of the wallet's history.
- Valued the loss correctly. USDC is a stablecoin, so the loss resolved to ≈ $233,794 at high confidence — not a misleading near-zero figure.
- Traced the destination & next hop. It identified the single recipient, checked the current on-chain balance, and flagged second-hop movement for exchange and law-enforcement follow-up.
- Surfaced the recovery window. Because USDC is centrally issued, the report showed how much was still freezable and generated a ready-to-send Circle freeze-request letter pre-filled with the recipient address, amount, and full transaction signatures.
Why this matters
A block explorer shows the transactions. It does not tell a panicked victim how much is still freezable, who to contact, or hand them a compliance-ready letter and evidence pack. That packaging — the difference between raw data and an action you can take in the first hour — is the whole point of a Tracefunds case file.
Public on-chain data only. Not legal advice and not a recovery guarantee. A freeze is at the issuer's discretion and typically requires a law-enforcement report.