Truflation Confirms Malware Attack, Blockchain Analysts Estimate $4.6M Loss
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Ad Disclosure
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
(The article has been edited with inputs from Truflation CEO Stefan Rust)
Truflation, a Coinbase Ventures-backed blockchain project, confirmed on Wednesday that it suffered a malware attack but did not disclose the value of compromised funds.
“On September 25th, 2024, the Truflation team detected some abnormal activity,” the platform wrote on X. “We are currently monitoring the situation and are taking measures to protect funds while we are investigating and working with law enforcement.”
The team noted that it is working round-the-clock with leading industry partners and trying to contact the attacker to retrieve lost assets.
Per Web3 security firm Cyvers, the attackers took control of Truflation’s safe address, leading to a loss of $4.6 million worth of TRUF tokens.
Blockchain investigator ZachXBT also flagged the threat on Telegram, mentioning that the project lost around $5 million in a hack. According to the blockchain sleuth, the funds were drained from “treasury multisig and personal wallets.”
Following the hack, Truflation halted its staking services to ensure the safety of assets. It also opened a reward to any white hats offering assistance in the investigation or recovery efforts.
No Customer Funds Compromised: Truflation
The platform confirmed to a user in an X chat that “no customer funds compromised.”
Further, the blockchain project also updated on the ongoing active investigations. “We are closely monitoring all systems to prevent further breaches,” Truflation said.
The project posted a video of CEO Stefan Rust who said that the malware was injected into the computers, most likely in Singapore during Token2049, held last week. “That resulted in getting access to treasury funds,” he added.
“There are no customer funds at risk,” he confirmed. “We are as transparent as we can and keeping you abreast of the situation.”
“We are working with the best investigators and crypto security experts to ensure that we can track this down.”
According to Zapper, attackers drained $3.89M in TRUF, $1.07M in ETH, and $236.7K in DAI from the team’s Ethereum wallets. They also stole other tokens including BNB, WETH and qSQTH.

CEO Stefan Rust also noted that his personal account was hacked. Additionally, he warned about scammers who impersonate as Truflation team to ask user’s TRUF tokens.
“We will not ask you for tokens. There are already additional scammers coming out there and asking you to deposit a stake and return your TRUF tokens and they will burn it. Don’t listen to those sites.”
This comes at a time when Truflation is coming up with a bunch of exciting announcements. “I am super excited and disappointed,” Rust added.
“While this incident is regrettable, it does not impact Truflation’s ongoing development or our ability to roll out forthcoming features, including new indices, the mainnet launch, and the Truflation Stream Network,” the CEO told Cryptonews.
Furthermore, the platform has announced a bounty of $500,000 for the return of the stolen funds. Truflation will offer the bounty, if the attackers return the remaining 90% of funds.
“If the hackers return the funds, we will drop charges and there will be no risk of law enforcement issues.”
However, if the attacker chooses not to partake in the voluntary return of funds by September 28, Truflation would extend the bounty to the public. It would offer the full 10% to the person that identifies the attackers, in a way that leads to a conviction in the courts.
- Trump Appoints PayPal Veteran David Sacks as ‘White House AI and Crypto Czar’
- What’s Happening in Crypto Today? Daily Crypto News Digest
- President Trump Signs Executive Order Calling for US Sovereign Wealth Fund Creation
- Ohio Lawmaker Proposes Second Bill to Establish State Bitcoin Reserve
- Trump Tariffs Stir Crypto Sell-Off With Ether Tumbling Over 26%






