Truflation Confirms Hack, Loss Estimated at $4.6M

On Wednesday, Coinbase Ventures-sponsored blockchain project Truflation acknowledged that it had been the target of a malware attack. However, the value of the compromised funds was not disclosed.

On September 25, 2024, the platform on X reported some unusual activity that the Truflation team found. “We are presently monitoring the situation and are implementing measures to safeguard funds while we conduct an investigation and collaborate with law enforcement.”

The team observed that it is collaborating with prominent industry partners to retrieve lost assets and is actively seeking to communicate with the assailant at all hours.

The perpetrators seized control of Truflation’s safe address, resulting in a loss of $4.6 million in TRUF tokens, according to Web3 security firm Cyvers.

ZachXBT, a blockchain investigator, also reported the threat on Telegram, stating that the project experienced a breach that resulted in a loss of approximately $5 million. The funds were withdrawn from “personal wallets and treasury multisig wallets,” as per the blockchain investigator.

Truflation suspended its staking services after the breach to guarantee the security of assets. It also launched a reward for any white caps who assisted in the investigation or recovery efforts.

Truflation: No Customer Funds Compromised

In an X conversation, the platform verified to a user that “no customer funds have been compromised.”

Additionally, the blockchain initiative provided updates on the ongoing active investigations. Truflation stated, “We are vigilantly monitoring all systems to prevent the occurrence of any additional breaches.”

The project published a video of CEO Stefan Rust, who stated that the malware was transferred into the computers, most likely in Singapore, during Token2049, which took place last week. “That led to the achievement of access to Treasury funds,” he concluded.

“No customer funds are at risk,” he verified. “We aim to maintain transparency and inform you of the situation.”

“We are working with the best investigators and crypto security experts to ensure that we can track this down.”

Attackers stole $3.89M in TRUF, $1.07M in ETH, and $236.7K in DAI from the team’s Ethereum wallets, according to Zapper. Additionally, they seized tokens such as BNB, WETH, and qSQTH.

Additionally, CEO Stefan Rust disclosed that his account was compromised. Furthermore, he cautioned against fraudsters who pose as the Truflation team to solicit users’ TRUF tokens.

“We will not ask you for tokens. There are already additional scammers coming out there and asking you to deposit a stake and return your TRUF tokens and they will burn it. Don’t listen to those sites.”

This occurs when Truflation is preparing to make several thrilling announcements. Additionally, Rust expressed his enthusiasm and disappointment.