news

TON (The Open Network) is a layer-1 blockchain originally developed by Telegram, abandoned in 2020 following an SEC enforcement action that compelled a $18.5 million penalty and $1.22 billion investor return, and subsequently revived by an independent TON Foundation. By 2024, rapid ecosystem growth attracted a significant wave of phishing campaigns, wallet drainer toolkits, pyramid schemes, and rug pull activity, with over 1,200 fraud cases reported in H1 2024 alone. In May 2026, Pavel Durov announced Telegram would reassume control as the network's largest validator, reintroducing centralization risk to a network already under scrutiny for facilitating illicit marketplaces.

Serenity Shield is a blockchain-based data storage and crypto inheritance protocol built on BNB Smart Chain, operating a product called StrongBox. On February 27, 2024, a team MetaMask wallet was compromised and 6.9 million SERSH tokens valued at approximately $5.6 million were stolen, causing the token price to collapse by over 95% within 24 hours. On-chain investigator ZachXBT linked the attacker to a serial hacker responsible for multiple private-key compromise incidents across at least six other protocols in late 2023 and early 2024.

Thunder Terminal is a Solana-based on-chain trading terminal that suffered a $240,000 exploit on December 27, 2023, when an attacker leveraged compromised MongoDB credentials to steal session tokens and drain 86.5 ETH and 439 SOL from 114 user wallets in under nine minutes. The attacker subsequently routed the stolen ETH through the Railgun privacy protocol and demanded a 50 ETH ransom for deletion of alleged user data, directly contradicting Thunder Terminal's public claim that no user data or private keys were compromised. Thunder Terminal pledged full reimbursement of stolen funds, engaged the FBI, and implemented additional security controls, though no public confirmation of completed reimbursements has been verified.

Circle Internet Group is the issuer of USDC, the second-largest USD-pegged stablecoin by market capitalization. Circle has faced sustained criticism from blockchain investigator ZachXBT and others for its policy of refusing to freeze USDC linked to hacks or scams without a formal court order or law enforcement mandate, which critics allege has allowed over $420 million in illicit funds to flow freely since 2022. The company went public on the NYSE in June 2025 under the ticker CRCL and received conditional OCC approval for a national trust bank charter in December 2025.

Transak is a fiat-to-crypto on-ramp infrastructure provider founded in 2019 and serving over 8 million users across 160+ countries, with integrations into major platforms including MetaMask, Phantom, and Uniswap. In October 2024, a phishing attack on an employee's laptop led to unauthorized access to a third-party KYC vendor's dashboard, exposing the personal identity documents of approximately 92,554 users globally, including names, dates of birth, government-issued IDs, and selfie photos. The breach resulted in a $601,000 class action settlement covering U.S.-based affected users, and the Stormous ransomware group claimed responsibility, alleging extraction of over 300GB of data.

Trezor is a legitimate Prague-based hardware wallet manufacturer (SatoshiLabs) and one of the oldest in the industry, but it has accumulated a significant threat ecosystem around its brand. A January 2024 breach of its third-party support portal exposed contact data for approximately 66,000 users, which subsequently fueled targeted phishing campaigns delivered via email, physical mail, and fake apps. Trezor hardware devices have also been subject to disclosed physical attack vectors, including an alleged unpatchable flaw in the STM32 microcontroller used in the Trezor T model.