Zerion
#Zerion
- Reported: 2026-04
- Locations: United States
- Motivations: #FinancialGain
- Sectors: #Cryptocurrency
Summary
The Zerion security incident was a targeted, AI-enabled social engineering attack against a team member’s device. It compromised active sessions, credentials, and private keys to internal hot wallets, allowing the attackers to steal approximately $100K in company funds. The impact was contained by strong architectural isolation: no user funds, apps, or backend infrastructure were affected, because Zerion’s self-custodial model prevented access to user assets and production systems remained segregated. In response, the team rapidly secured infrastructure, took the web app offline to prevent malicious deployments, rotated all credentials and keys, audited employee devices, and collaborated with security partners to track attacker wallets. The incident highlights that even well-secured systems remain vulnerable to advanced, AI-driven human-targeted attacks. The key lessons center on strengthening authentication, device security, and employee awareness against increasingly sophisticated social engineering threats.