Truflation loses $5.2 million in malware attack

Truflation, a blockchain-based inflation data platform, has confirmed falling victim to a malware attack. The project reported detecting abnormal activity on 25 September, which led to an estimated loss of up to $5.2 million. Blockchain analysts have tracked the losses from Truflation’s treasury and personal wallets on Ethereum, with additional losses spread across seven other blockchains.

The team is now working with law enforcement and industry partners to resolve the issue. They have also reached out to the hacker, seeking negotiation, while offering rewards to white-hat hackers who can assist. Despite the breach, Truflation has reassured its customers that their funds and staking operations remain secure.

Truflation’s token, TRUF, fell by 15.6% following the incident, though it has since partly recovered. Truflation provides real-time economic data and recently launched a marketplace that tracks commodity indexes such as sugar, petroleum, and wheat.

MoneyGram faces challenges amid cybersecurity outage

MoneyGram has acknowledged that its recent multiday outage is due to a cybersecurity issue, and the firm is progressing in restoring its services. The company revealed on X that it had identified the problem affecting certain systems and launched an investigation after users reported disruptions beginning on 20 September.

The Dallas-based financial services company stated that it took immediate protective measures, including taking some systems offline to address the connectivity issues. MoneyGram is collaborating with law enforcement and external cybersecurity experts to mitigate the impact of the breach. In a follow-up post on 24 September, the firm announced that it is successfully restoring some key transactional systems.

Although MoneyGram has assured users that pending transactions will be processed once systems are back online, it has not disclosed details about the nature of the cybersecurity issue, including whether any sensitive data may have been compromised. Additionally, there is no timeline yet for when full service will be resumed.

This incident occurs amid a notable increase in crypto-related ransomware attacks, with reports indicating a significant rise in ransom payments this year. MoneyGram, a major player in money transmission, recently ventured into the crypto space, launching fiat exchange services and partnering with CEX.io to offer fiat-to-stablecoin options.

Ellison faces prison for role in FTX collapse

Caroline Ellison, former CEO of Alameda Research, has been sentenced to two years in prison for her involvement in the collapse of the cryptocurrency exchange FTX. The case, one of the largest financial scandals in US history, saw Ellison plead guilty to fraud charges and cooperate extensively with authorities to secure the conviction of FTX founder Sam Bankman-Fried, who received a 25-year prison sentence.

Ellison’s legal team had requested time served and supervised release, emphasising her crucial role in helping federal investigators uncover the misuse of billions in customer funds. However, District Judge Lewis A. Kaplan, while acknowledging her cooperation, ruled that Ellison must still serve time and forfeit around $11 billion.

Her cooperation with prosecutors has been central in exposing the FTX scandal, but the court concluded that her involvement in the mismanagement of funds warranted a prison sentence, drawing attention from legal experts and the broader crypto community.

Telegram used to leak medical data

Data from millions of Star Health customers, including sensitive medical information, is being accessed and sold via Telegram chatbots. The breach comes just weeks after Telegram’s founder was criticised for failing to prevent criminal activity on the platform. The hacker responsible claims to possess data from over 31 million customers, with some available for free through the chatbots and bulk data offered for sale.

Star Health, one of India’s largest health insurers, stated that it has reported the breach to local authorities but reassured customers that sensitive data remains secure. Initial assessments revealed no evidence of a widespread compromise, despite reports of leaked documents including medical diagnoses, tax details, and ID copies.

Telegram’s role in enabling chatbots has made it one of the most popular messaging apps globally, with over 900 million users. However, security concerns continue to grow, particularly following the recent arrest of its founder in France. While Telegram denies any wrongdoing, it faces mounting pressure over its moderation policies.

The hacker, who operates under the alias xenZen, claimed responsibility for creating the chatbots and for holding 7.24 terabytes of data. UK-based researcher Jason Parker, who discovered the breach, revealed that the stolen data has been accessible since early August, with the chatbots distributing small samples for free.

Hack exposes Disney data, leading to Slack phase-out

Disney is phasing out its use of Slack for workplace collaboration after a significant data breach. A hacking group, NullBulge, leaked over a terabyte of Disney’s internal data, affecting thousands of Slack channels, according to reports. This breach included sensitive information like computer code and unreleased projects.

Disney’s Chief Financial Officer, Hugh Johnston, confirmed most departments will stop using Slack by the end of the year. Several teams have already begun transitioning to alternative tools for enterprise-wide collaboration, aiming to improve security and workflow.

The incident, reported in July by the Wall Street Journal, involved over 44 million messages from Slack channels. The company launched an investigation into the unauthorised release of data in August.

NullBulge, known for targeting software supply chains, exploits coding platforms like GitHub and Hugging Face to deceive users into downloading malicious files. Neither Disney nor Slack provided immediate responses to requests for comment.

Massive data leak hits India’s Star Health

Sensitive personal and medical data from millions of Star Health customers, India’s largest standalone health insurer, has been leaked and made accessible through chatbots on Telegram. This breach exposes names, phone numbers, addresses, and even medical diagnoses. The stolen data, amounting to 7.24 terabytes, includes over 31 million records and is being sold via these chatbots. Despite the insurer’s initial claims that there was no widespread compromise, numerous policy and claims documents have been publicly available for weeks. Victims were not notified of the breach, even though their private details were openly traded.

Telegram, known for its rapid growth fueled by customisable chatbots, is under heightened scrutiny as these bots become tools for cybercriminals. Even with Telegram’s attempts to remove them, new bots emerge, offering stolen data. This situation underscores the ongoing difficulties Indian companies face in protecting sensitive information as hackers increasingly exploit modern platforms for illicit activities.

Star Health has informed local authorities about the breach, but millions of customers remain vulnerable to identity theft and fraud. This incident highlights major concerns about the safety of sensitive information in India’s digital landscape, emphasising the urgent need for stronger data protection laws and cybersecurity measures.

China accuses Taiwan hackers of cyber sabotage

China’s Ministry of National Security has accused a Taiwan-based hacking group, Anonymous 64, of orchestrating cyberattacks aimed at discrediting China’s political system. According to a blog post from the ministry, the group, allegedly tied to Taiwan’s military cyberwarfare division, has been targeting Chinese websites, outdoor screens, and television stations to broadcast content undermining mainland policies. In response, Taiwan’s defence ministry dismissed the accusations, claiming China is the natural source of cyber harassment, regularly attempting to destabilise the democratic island.

The allegations are the latest chapter in the escalating tensions between China and Taiwan. China, which claims sovereignty over Taiwan, has ramped up military and political pressure on the island in recent years. Taiwan, in turn, accuses Beijing of spreading disinformation and carrying out cyberattacks. Taiwan’s Information, Communications, and Electronic Force Command responded to China’s claims, asserting that the Chinese government’s military forces are instigating regional instability through ongoing harassment efforts.

The hacking group, which surfaced on X (formerly Twitter) in mid-2023, has posted screenshots of their alleged efforts to infiltrate Chinese media. One video shared by Anonymous 64 featured a masked member likening China’s President Xi Jinping to an emperor, along with footage referencing past protests in China, including the Tiananmen Square demonstrations. However, China contends that many websites the group claimed to have hacked were fake or photoshopped, with minimal online traffic.

As part of its crackdown, China has opened investigations into Taiwan’s cyberwarfare team members. It has called on citizens to report cyberattacks or anti-China propaganda, urging people to avoid spreading unverified information online. Despite the accusations, it remains unclear whether Anonymous 64 has any ties to the international hacking collective Anonymous or if their alleged actions have been as far-reaching as claimed.

German authorities shut down 47 cryptocurrency exchanges in major anti-money laundering operation

German authorities have shut down 47 cryptocurrency exchange services in a major crackdown on illegal money laundering. The Federal Criminal Police Office (BKA) and the Central Office for Combating Internet Crime led the operation, targeting platforms that allowed users to exchange conventional currencies and cryptocurrencies without verifying their identities. These services bypassed the ‘know-your-customer’ (KYC) rules, enabling users to trade cryptocurrencies like Bitcoin and Ethereum quickly and anonymously.

Criminals reportedly used these exchanges to conceal the origins of illicit funds, often obtained through dark web drug sales or ransomware attacks. As part of the operation on 20 August, authorities confiscated 13 crypto ATMs and seized nearly $28 million in cash from 35 locations across Germany. Financial watchdog BaFin led the raids, targeting machines operating without the necessary licences, which posed significant money laundering risks.

The closure of these exchanges is part of a wider effort to disrupt cybercrime networks. Investigators managed to secure vital user and transaction data, which could assist in future money-laundering investigations. It follows earlier German crackdowns, including the seizure of ChipMixer, a platform involved in laundering €90 million in crypto.

Kremlin-linked troll farm spreads fake news about Kamala Harris, Microsoft reports

Microsoft researchers have uncovered a Russian disinformation operation that falsely accused United States Democratic presidential candidate Kamala Harris of leaving a 13-year-old girl paralysed in a hit-and-run incident in 2011. The operation, led by a Kremlin-linked group called Storm-1516, used actors and fabricated news outlets, including a fake site called ‘KBSF-TV’, to spread the baseless claim. The hoax was widely shared on social media, gaining millions of views.

The disinformation effort is part of a broader Russian campaign to interfere with the upcoming US presidential election. After initial difficulties shifting focus following President Biden’s withdrawal from the 2024 race, Russian actors have targeted Harris and her running mate, Tim Walz, with fabricated conspiracy theories. The false claim against Harris was amplified on social media by pro-Russian figures, including Aussie Cossack, who encouraged MAGA supporters to spread the misinformation.

Microsoft’s investigation highlights how Storm-1516 produces misleading videos featuring actors impersonating journalists or whistleblowers. The hit-and-run story gained traction online, particularly on X.com, where it was shared by key figures within the pro-Russian ecosystem. The US Justice Department has also recently charged two Russian state media employees with money laundering, linked to efforts to influence the election.

US officials believe Russia’s goal is to deepen political divisions within the country and undermine public support for military aid to Ukraine. Kamala Harris has stated her intention to continue supporting Ukraine’s defence against Russia’s invasion if elected.