⚠️ CBI arrests the Indian kingpin of cyber fraud slavery.

He’s a Mumbai man that trafficked Indians into crypto scam compounds after luring them with fake job offers.

victims were promised jobs in Thailand, but then routed to a different country and forced into crypto fraud operations.

@FEDS

⚠️ more info on yesterdays post: Xinbi team also owns most of the 4L repeaters OG Telegram nfts like @aaaa,@bbbb,@ssss and a lot of high value anon numbers.

Estimates wallet value: $4M+

TON address:

UQAWusKWe-G90fJ0tlNemjZ59hSPD8YXw6g-WfA63gi7LSDg

@FEDS

⚠️ The DOJ has confirmed FBI Director Kash Patel's personal email has been hacked by Iranian hacking group "Handala"

The group leaked personal photos of Patel along with classified documents on their Telegram channel. This comes just days after the seizure of Handala's digital assets by the FBI.

@FEDS

⚠️ UPDATE: U.S. Government highlights “Handala” in $10M reward notice after Patel's email got hacked

@FEDS

⚠️ US vice president reveals the reason why com fraudsters rarely face consequences.

He claims the US government doesn’t prosecute fraud that’s under $1.5M a year.

In the clip he wasn’t talking about com fraud specifically, but it may hint at why com fraudsters rarely face consequences.

@FEDS

⚠️ zachxbt says Kraken user lost $18.2M in a suspected social engineering attack.

The stolen funds were bridged from eth to btc via THORChain.

Eth:

0xC55149BbD560435a9FbEabFdcF9711cf928acA21

Btc:

1D8f8956EEFLXN28AHfioEx4ywVbxCz8KN

@FEDS

⚠️Update: Hacker started cashing some of the $18M stolen funds from the Kraken user

7,784 eth + 26.5 btc were transferred to the HitBTC exchange platform that allows crypto withdrawals without KYC.

@FEDS

⚠️: Flash loan on LML’s reward settlement on BSC. $950K losses.

Attacker manipulated the LML/USDT price using loans and walked with $950k which was swapped to eth and deposited into TornadoCash to be laundered.

Attacker:

0x3c00b00007f11c84a6cf0bea4dff8de79be8fb51

@FEDS

⚠️ A key figure tied to the Chinese illicit-market network behind the $2.2M @danbao Telegram handle was reportedly arrested.

According to Reuters, after citing CCTV and Chinese security officials, he was identified as Li Xiong. Who’s is widely believed online to be the figure referred to as “Boss Xi” a lead in these illicit markets.

@FEDS

⚠️ UPDATE: Li Xiong also known as "Boss Xi" has been extradited to China

@FEDS

⚠️ DeFi platform Whalebit hit for $824K

Hackers artificially pumped token prices to trick the platform’s staking system, making their holdings look far more valuable and cashing out the difference.

Whalebit is also ran by a group previously indicted over a $340M ponzi scheme.

Attacker:

0x48880b3dD87638E5eA75905c3A150e8A3aa6CDA9

@FEDS

⚠️ Drift protocol has been exploited for $220M

The exact details behind the $220M exploit are still unclear.

Attacker:

7RoMqGAcU7S6ESAhPDvB9iSXvASUhuoE8u7dYRxGBew9

@FEDS

⚠️One of the Drift exploit victims who lost $250K begs hacker on-chain for just enough to live:

Drift exploit victim. Lost 250k+. No job. Need funds to survive. Not asking for all -- just enough to live. SOL 82ttFqiabDdZEASCVR8nngS4Fe5GULcL7qCtqDMrDhLb ETH 0x25c5E48a026064685f00358C196c23dd260a8f9f Please.”

Transaction link

@FEDS

⚠️ UPDATE: Further investigation has uncovered much more about the Drift exploit — the largest crypto theft of 2026.

What happened:
The protocol was upgraded last week without a timelock. The attacker allegedly gained admin access, disabled security protections, and drained the pool’s valuable assets.

The total stolen is now believed to exceed $280M, significantly higher than earlier estimates.

The attacker has already swapped the stolen assets into 129,066 ETH, currently held across these addresses:

0x0fe3b6908318b1f630daa5b31b49a15fc5f6b674
0xd3feed5da83d8e8c449d6cb96ff1eb06ed1cf6c7
0xaa843ed65c1f061f111b5289169731351c5e57c1

@FEDS

⚠️ Adobe has suffered a major breach after a social engineering attack

Threat actor gained access and deployed a rat on an employee device, controlling the system. And then worked his way through the systems till he got admin access.

Around 13M records were exposed. The attacker also exposed the Indian employee data

@FEDS