News Heat Trend
Project Overview
Telegram Messenger is a globally accessible freemium, cloud-based and centralized instant messaging (IM) service. The application also provides optional end-to-end encrypted chats (popularly known as "secret chats") and video calling, VoIP, file sharing and several other features.Telegram was launched in 2013 by the brothers Nikolai and Pavel Durov. Previously, the pair founded the Russian social network VK.
AlphaTON Capital Plans to Raise $43 Million to Expand AI Computing Infrastructure
According to The Block, AlphaTON Capital has announced plans to raise $43 million through a strategic partnership with Vertical Data Inc. to expand its AI compute infrastructure; the transaction is expected to close in Q2 2026. AlphaTON CEO Brittany Kaiser stated that the funding will be used to deploy additional NVIDIA B300 GPUs, with the core objective of advancing the convergence of AI, digital assets, and confidential computing—and scaling up the platform’s overall compute capacity. On the business front, AlphaTON not only holds a substantial amount of TON tokens as corporate treasury assets but also actively participates in building infrastructure for the Telegram and TON ecosystems, with key investment focus areas including Cocoon, Telegram’s decentralized AI platform. Background-wise, AlphaTON was formed through the restructuring and transformation of former biotech public company Portage Biotech Inc., which had previously focused on cancer therapy research; the company completed the spin-off of its cancer therapy subsidiary in February this year.
AlphaTON and Vertical Data Announce $43 Million AI Infrastructure and Financing Partnership
AlphaTON Capital (NASDAQ: ATON) announced a strategic AI hardware and financing agreement with Vertical Data Inc., with a total transaction value of approximately $43 million, expected to close in Q2 2026. The agreement centers on deploying high-performance GPU clusters powered by NVIDIA’s B300 architecture. Financing will be provided through Vertical Data’s GPUfinancing.com platform via an asset-backed, non-recourse structure and includes managed infrastructure services. This expansion will support AlphaTON’s business initiatives with partners including Telegram, Gamee, Animoca Brands, and Midnight Blockchain.
Polymarket Plans to Require Traders to Complete KYC Identity Verification Amid Growing Sanctions and Legal Risks
: Prediction market Polymarket is facing increased pressure from regulatory and sanctions compliance. It is reported that the platform is pushing traders to undergo identity verification (KYC) to mitigate potential legal and compliance risks.Although Polymarket's betting platform rules do not permit such activities in certain regions, some users have still been participating in market trading through automated trading bots and other methods, forming gray usage pathways in areas such as Russia. Some developers have even utilized tools like Telegram to organize trading traffic and expand their user base. As the platform scales and regulatory scrutiny intensifies, Polymarket is being forced to seek a balance between the decentralized prediction market model and compliance requirements to address potential sanctions and legal risks. (The Information)
Singapore police charge Hodlnaut former CEO Zhu Juntao with fraud, alleging false statements during Terra collapse
Odaily reports, Singapore police have filed six charges of fraud against Zhu Juntao, the former CEO of the defunct crypto lending platform Hodlnaut. The charges allege that during the TerraUSD collapse in 2022, he instructed employees to issue false statements, misleading users to believe that Hodlnaut had no direct exposure to TerraUSD and had not suffered any losses from the incident. According to the prosecutor, the false information was published on Hodlnaut's Telegram channel, customer emails, and Zhu's own X (formerly Twitter) account. Under Singapore law, if convicted, Zhu faces a maximum of up to 20 years in prison, a fine, or both for each charge. (CoinDesk)
Telegram Founder: EU's "Age Verification App" Can Be Quickly Compromised, Stay Vigilant
Odaily News Telegram founder Pavel Durov posted on X, stating that the "age verification app" proposed by the EU has design flaws and was compromised in just a few minutes. The reason lies in the fundamental security issues of its architecture that trusts user devices. The solution is positioned as "privacy-friendly," but it can actually be easily cracked. Its development path is summarized as follows: first, launch a system that appears to protect privacy but has vulnerabilities; after being compromised, use "fixes" as a reason to weaken privacy protection, eventually evolving into a surveillance tool in the name of privacy. Such "accidental vulnerability incidents" may be used to expand regulation, and the public is urged to stay vigilant.
South Korea’s “Retaliation Brokerage” Agency Charges in USDT to Carry Out Violent Crimes; Operations Continue Despite Arrest of Its Leader
According to DL News, several “revenge intermediaries” in South Korea that accept cryptocurrency as payment have recently remained highly active. These organizations receive orders via Telegram and offer services including intimidation, assault, and even murder disguised as accidents. They require clients to pay a 50% deposit in USDT and promise to send footage of the operation—recorded using body-worn cameras—via Telegram. Although the alleged ringleader was arrested on April 3, related online advertisements continued to appear as recently as April 13. This year, South Korean police have launched investigations into more than 50 such cases and arrested approximately 30 individuals; all cases were confirmed to involve cryptocurrency payments.
Court documents allege Jane Street used insider information from Terraform to short UST, profiting $134 million
According to recently unsealed court documents, Jane Street is alleged to have obtained insider information from Terraform Labs via a private Telegram group named "Bryce's Secret."The documents claim that Jane Street subsequently sold approximately $192 million worth of UST when it was near its peg price, and profited around $134 million by shorting UST during the collapse of TerraUSD and the evaporation of roughly $40 billion in market value from the Terra ecosystem. (CoinDesk)
Terraform Liquidator Accuses Jane Street of Obtaining Inside Information via Telegram Private Group
According to CoinDesk, newly unsealed court documents allege that Jane Street, a major Wall Street quantitative trading firm, obtained non-public internal information from Terraform Labs via a private Telegram group named “Bryce’s Secret” prior to the 2022 Terra collapse. The firm is accused of selling approximately $192 million worth of UST in advance and establishing short positions, thereby profiting roughly $134 million amid the collapse of the Terra ecosystem—valued at approximately $40 billion. The complaint states that on May 7, 2022—just nine minutes after Terraform withdrew $150 million in liquidity from the Curve pool—Jane Street sold around $85 million worth of UST on Curve. The associated wallet was subsequently suspected of being a key address contributing to UST’s de-pegging. However, Jane Street denies these allegations, calling the lawsuit “baseless,” and states it will vigorously defend itself.
ZachXBT: US 18-Year-Old Hacker Dritan Allegedly Involved in $19 Million Crypto Theft and Money Laundering
on-chain detective ZachXBT has exposed US threat actor Dritan Kapllani Jr., alleging his involvement in social engineering thefts targeting crypto users, totaling approximately $19 million.ZachXBT stated that Dritan has long been flaunting luxury cars,名牌 watches, private jets, and nightclub lifestyles on social media. On April 23, 2026, during a "Band 4 Band (B4B)" voice call on Discord, in an attempt to prove he was wealthier than another hacker, he publicly displayed an Exodus wallet containing $3.68 million in assets.The relevant ETH address is: 0x4487db847db2fc99372a985743a26f46e0b2bba6ZachXBT's tracking revealed that this address is linked to a social engineering theft incident on March 14, 2026, involving 185 BTC (approximately $13 million). The following day, Dritan's Exodus wallet received about $5.3 million from that theft. By the time of the B4B call six weeks later, approximately $1.6 million had already been spent or laundered.On May 11, the US Department of Justice unsealed a criminal indictment against Trenton Johnson, charging him with participation in the theft of 185 BTC. He faces a potential maximum sentence of 40 years in prison. The indictment refers to "Co-Conspirator 1 (CC-1)," believed to be Dritan, who has not yet been formally charged.ZachXBT also noted that Dritan is connected to hacker John Daghita (Lick), who was previously arrested for stealing $46 million from the US government. John had previously exposed Dritan's old wallet address on Telegram. On-chain analysis shows that this address is linked to multiple high-confidence social engineering thefts in 2025, with a cumulative total exceeding $5.85 million.ZachXBT stated that Dritan has long been active in the "The Com" hacker circle and had seemingly avoided formal prosecution due to being a minor. Now that he has turned 18, his "borrowed time may finally be over."
Hong Kong woman loses HK$7.7 million in cryptocurrency after falling for AI-powered quantitative trading scam
According to Hong Kong 01, a woman met a fraudster on Telegram who claimed to be an “investment expert.” The scammer lured her with promises of stable high returns using “quantitative trading” and “AI algorithms.” Believing the claims, the victim transferred approximately HK$7.7 million worth of USDT and ETH from her e-wallet to wallets designated by the fraudster in 17 separate transactions. When she attempted to withdraw funds, the scammer delayed and refused her requests with various excuses—only then did she realize she had been defrauded. Police warned that “high returns + low risk + low entry barrier” constitutes a 100% fraudulent “impossible triangle,” and urged the public to verify the authenticity of any investment platform before committing funds.
Hong Kong Police Unveil “AI Quantitative Guaranteed Profit” Cryptocurrency Scam; Victims Lose HK$7.7 Million
According to Hong Kong 01, Hong Kong police have disclosed a fraud case in which scammers lured victims into investing in cryptocurrencies under the guise of “AI-powered quantitative trading,” defrauding a woman of approximately HK$7.7 million. The fraudsters posed as “investment experts” and proactively contacted the victim via Telegram, claiming they could generate stable, high returns using “quantitative trading” and “AI algorithms.” The victim subsequently transferred USDT and ETH worth around HK$7.7 million from her digital wallet to designated addresses in 17 separate transactions. She only realized she had been scammed when her withdrawal request was denied. Hong Kong police warned that although cryptocurrencies offer the potential for high returns, they also carry high volatility and high risk. Claims of “AI-driven trading” or “guaranteed profits from quantitative strategies” are mostly fraudulent lures. The public should remain vigilant against the “impossible trinity” trap—promises of high returns, low risk, and low entry barriers.
North Korean hacker group Lazarus Group deploys fileless RemotePE Trojan to target cryptocurrency firms and banks
According to Cryptopolitan, the North Korea–linked hacker group Lazarus Group has been found deploying the fileless remote access Trojan RemotePE, primarily targeting banks, cryptocurrency exchanges, and fintech companies. This malware runs entirely in memory and employs process hollowing, anti-analysis detection techniques, and encrypted C2 communications—making it difficult for traditional antivirus and forensic tools to detect. The report states that attacks typically begin with Telegram-based social engineering: attackers impersonate employees of trading firms and lure victims into installing malicious software using forged Calendly and Picktime links, ultimately executing the payload without touching the file system.
ZachXBT: US 18-Year-Old Hacker Dritan Allegedly Involved in $19 Million Crypto Theft and Money Laundering
on-chain detective ZachXBT has exposed US threat actor Dritan Kapllani Jr., alleging his involvement in social engineering thefts targeting crypto users, totaling approximately $19 million.ZachXBT stated that Dritan has long been flaunting luxury cars,名牌 watches, private jets, and nightclub lifestyles on social media. On April 23, 2026, during a "Band 4 Band (B4B)" voice call on Discord, in an attempt to prove he was wealthier than another hacker, he publicly displayed an Exodus wallet containing $3.68 million in assets.The relevant ETH address is: 0x4487db847db2fc99372a985743a26f46e0b2bba6ZachXBT's tracking revealed that this address is linked to a social engineering theft incident on March 14, 2026, involving 185 BTC (approximately $13 million). The following day, Dritan's Exodus wallet received about $5.3 million from that theft. By the time of the B4B call six weeks later, approximately $1.6 million had already been spent or laundered.On May 11, the US Department of Justice unsealed a criminal indictment against Trenton Johnson, charging him with participation in the theft of 185 BTC. He faces a potential maximum sentence of 40 years in prison. The indictment refers to "Co-Conspirator 1 (CC-1)," believed to be Dritan, who has not yet been formally charged.ZachXBT also noted that Dritan is connected to hacker John Daghita (Lick), who was previously arrested for stealing $46 million from the US government. John had previously exposed Dritan's old wallet address on Telegram. On-chain analysis shows that this address is linked to multiple high-confidence social engineering thefts in 2025, with a cumulative total exceeding $5.85 million.ZachXBT stated that Dritan has long been active in the "The Com" hacker circle and had seemingly avoided formal prosecution due to being a minor. Now that he has turned 18, his "borrowed time may finally be over."
SlowMist Discloses Phishing Campaign Involving Fake TronLink Chrome Extension That Steals Wallet Credentials Such as Mnemonics and Private Keys
According to SlowMist, its security monitoring system MistEye has detected a counterfeit TronLink Chrome MV3 extension targeting TRON wallet users with a two-layer phishing attack. The extension disguises itself as the official plugin using Unicode obfuscation and brand spoofing. Upon installation, it first loads a remote iframe-based pop-up page designed to trick users into entering their mnemonic phrases, private keys, keystore files, and passwords—then exfiltrates this sensitive data via same-origin APIs to a Telegram bot. The malicious infrastructure involved includes the domains tronfind-api[.]tronfindexplorer[.]com and trx-scan-explorer[.]org; the malicious extension ID is ekjidonhjmneoompmjbjofpjmhklpjdd. SlowMist advises users to immediately uninstall the extension. If sensitive information has already been submitted, users should promptly migrate their assets and discontinue use of the compromised wallet.
Bybit Discloses macOS Malware Campaign Targeting Searches for Claude Code
Bybit’s Security Operations Center has identified a multi-stage malware campaign targeting macOS users of Claude Code, an AI-powered search and development tool. Attackers used search engine optimization (SEO) poisoning to push malicious domains to the top of Google search results, luring users to counterfeit installation pages. Once installed, the malware steals browser credentials, macOS Keychain data, Telegram sessions, VPN configurations, and cryptocurrency wallet information. Bybit stated that the malware can also establish persistent access via backdoor functionality and attempts to target over 250 browser wallet extensions and multiple desktop wallet applications. This malicious infrastructure was identified on March 12, and related analysis, mitigation, and detection measures were completed the same day.
Telegram Founder: EU's "Age Verification App" Can Be Quickly Compromised, Stay Vigilant
Odaily News Telegram founder Pavel Durov posted on X, stating that the "age verification app" proposed by the EU has design flaws and was compromised in just a few minutes. The reason lies in the fundamental security issues of its architecture that trusts user devices. The solution is positioned as "privacy-friendly," but it can actually be easily cracked. Its development path is summarized as follows: first, launch a system that appears to protect privacy but has vulnerabilities; after being compromised, use "fixes" as a reason to weaken privacy protection, eventually evolving into a surveillance tool in the name of privacy. Such "accidental vulnerability incidents" may be used to expand regulation, and the public is urged to stay vigilant.
Hackers Spread PHANTOMPULSE Trojan via Obsidian Plugin
According to Elastic Security Labs, threat actors impersonated venture capital firms and lured targets into opening malicious Obsidian note vaults via LinkedIn and Telegram. This attack leveraged Obsidian’s Shell Commands plugin to execute malicious payloads without exploiting any vulnerabilities when victims opened the note vaults. The PHANTOMPULSE malware discovered in this campaign is a previously undocumented Windows Remote Access Trojan (RAT) that uses Ethereum transaction data to achieve blockchain-based C2 communication. The macOS payload employs an obfuscated AppleScript dropper and uses a Telegram channel as a fallback C2. Elastic Defend detected and blocked the PHANTOMPULSE execution before it could run.
Audiera Releases Agent Economy Roadmap, Evolving into Agent-Native Participation Economy
Odaily News Audiera officially released its Agent Economy Roadmap, outlining a long-term strategic vision to evolve from an AI-Native entertainment platform into an Agent-Native Participation Economy.The five key phases of the roadmap are as follows:- Phase 1: Participation Infrastructure — Completed. Launched Telegram Mini-App, Web3 dApp, mobile rhythm game, AI music studio, AI voting system, and the BEAT token economy.- Phase 2: Persistent Agent Identity — Completed/Ongoing. Introduced AI companions such as Kira & Ray, featuring memory systems and emotional interaction layers, transforming Agents into digital lifeforms with enduring relationships.- Phase 3: Agent Participation Layer — Current focus (partially launched). Agents can autonomously create content, participate in events, vote on curation, and interact with users, earning BEAT through engagement scoring and reward mechanisms.- Phase 4: Agent Economy (2026–2027). Will introduce Agent wallets, deployment frameworks, and skill marketplaces (including creator, curator, social, and gaming skills), enabling Agents to autonomously generate, own, and trade value.- Phase 5: Open Agent Network (Long-term Vision). Aims to achieve autonomous collaboration among Agents, an open Agent marketplace, third-party developer integration, and cross-platform participation, positioning Audiera as the underlying coordination layer for the Agent economy.https://audiera.fi/
U.S. Department of Justice: Two Men Arrested for Allegedly Laundering Over $389 Million Through Cryptocurrency
The U.S. Attorney's Office for the Eastern District of Pennsylvania announced that Ruslan Igorevich Tkachuk and Alexander Vladimirovich Ledenev have been arrested for allegedly operating the cryptocurrency money laundering service AudiA6. Since its launch in 2021, the service has received approximately 10,333 bitcoins, valued at over $389 million at the time of the transactions. Of this amount, at least $19.234 million worth of bitcoin came directly from illegal sources such as darknet markets and ransomware groups. A joint international law enforcement operation has seized and frozen the servers, domain names, and Telegram accounts associated with AudiA6.
TON Q1 Cross-Chain NFT Share Grows 130.4% Quarter-on-Quarter
a report released by Messari shows a clear divergence in the TON ecosystem during the first quarter of 2026. Its cross-chain NFT market share grew by 130.4% quarter-on-quarter, reaching 35.5%; relying on Fragment settlement, revenue from Telegram-related products reached $88.5 million. However, multiple ecosystem metrics declined. TON's total value locked (TVL) in USD fell by 34.9% quarter-on-quarter, daily active addresses decreased by 8.8%, and the average daily USDT transfer volume dropped to $77 million, down 32.5% quarter-on-quarter. Additionally, after the end of the first quarter, TON has implemented 4 out of the 7 initiatives outlined in the MTONGA upgrade plan.
TON Revives Gram Token Brand, CEO Says Network “Returning to Its Roots”
Odaily Telegram CEO Pavel Durov stated that the native token of The Open Network (TON) will be renamed to Gram, reverting to its original name as outlined in the project's early whitepaper. TON will remain the name of the blockchain network, while Gram will serve as the name of its native currency.Durov noted that this renaming is the fourth step in the seven-step "Make TON Great Again" plan, and the entire transition is expected to take approximately three weeks. The remaining three initiatives have yet to be disclosed.Previously announced steps include the TON network upgrade, increased transaction settlement speed, significantly reduced fees, and Telegram's plan to replace the TON Foundation as the ecosystem's primary manager and largest validator.
Vitalik Updates CROPS AI Progress: Proposes Combining Private Remote LLM Calls with Ethereum Private RPC Reads
Vitalik Buterin updated several developments related to CROPS AI and noted a clear overlap between the “CROPS Ethereum Access Layer” and “CROPS AI.” He suggested that paying for remote large language model (LLM) calls via zero-knowledge proofs could also address Ethereum’s private RPC read issues. Meanwhile, DeepSeek v4 has been released; its 2-bit quantized version runs within 90 GB, though it currently performs faster on Apple hardware; the messaging app Messa now supports Telegram Alpha features; the model runtime tool Luceb demonstrates higher efficiency when running compute-intensive models; and the local AI voice recording tool VoxTerm remains under active development. Vitalik Buterin also mentioned that application-specific fine-tuned large language models will help improve secure code writing, and Ethereum-related use cases should likewise have dedicated fine-tuned models.
Polymarket Plans to Require Traders to Complete KYC Identity Verification Amid Growing Sanctions and Legal Risks
: Prediction market Polymarket is facing increased pressure from regulatory and sanctions compliance. It is reported that the platform is pushing traders to undergo identity verification (KYC) to mitigate potential legal and compliance risks.Although Polymarket's betting platform rules do not permit such activities in certain regions, some users have still been participating in market trading through automated trading bots and other methods, forming gray usage pathways in areas such as Russia. Some developers have even utilized tools like Telegram to organize trading traffic and expand their user base. As the platform scales and regulatory scrutiny intensifies, Polymarket is being forced to seek a balance between the decentralized prediction market model and compliance requirements to address potential sanctions and legal risks. (The Information)
Related news
Audiera Releases Agent Economy Roadmap, Evolving into Agent-Native Participation Economy
Odaily News Audiera officially released its Agent Economy Roadmap, outlining a long-term strategic vision to evolve from an AI-Native entertainment platform into an Agent-Native Participation Economy.The five key phases of the roadmap are as follows:- Phase 1: Participation Infrastructure — Completed. Launched Telegram Mini-App, Web3 dApp, mobile rhythm game, AI music studio, AI voting system, and the BEAT token economy.- Phase 2: Persistent Agent Identity — Completed/Ongoing. Introduced AI companions such as Kira & Ray, featuring memory systems and emotional interaction layers, transforming Agents into digital lifeforms with enduring relationships.- Phase 3: Agent Participation Layer — Current focus (partially launched). Agents can autonomously create content, participate in events, vote on curation, and interact with users, earning BEAT through engagement scoring and reward mechanisms.- Phase 4: Agent Economy (2026–2027). Will introduce Agent wallets, deployment frameworks, and skill marketplaces (including creator, curator, social, and gaming skills), enabling Agents to autonomously generate, own, and trade value.- Phase 5: Open Agent Network (Long-term Vision). Aims to achieve autonomous collaboration among Agents, an open Agent marketplace, third-party developer integration, and cross-platform participation, positioning Audiera as the underlying coordination layer for the Agent economy.https://audiera.fi/
U.S. Department of Justice: Two Men Arrested for Allegedly Laundering Over $389 Million Through Cryptocurrency
The U.S. Attorney's Office for the Eastern District of Pennsylvania announced that Ruslan Igorevich Tkachuk and Alexander Vladimirovich Ledenev have been arrested for allegedly operating the cryptocurrency money laundering service AudiA6. Since its launch in 2021, the service has received approximately 10,333 bitcoins, valued at over $389 million at the time of the transactions. Of this amount, at least $19.234 million worth of bitcoin came directly from illegal sources such as darknet markets and ransomware groups. A joint international law enforcement operation has seized and frozen the servers, domain names, and Telegram accounts associated with AudiA6.
TON Q1 Cross-Chain NFT Share Grows 130.4% Quarter-on-Quarter
a report released by Messari shows a clear divergence in the TON ecosystem during the first quarter of 2026. Its cross-chain NFT market share grew by 130.4% quarter-on-quarter, reaching 35.5%; relying on Fragment settlement, revenue from Telegram-related products reached $88.5 million. However, multiple ecosystem metrics declined. TON's total value locked (TVL) in USD fell by 34.9% quarter-on-quarter, daily active addresses decreased by 8.8%, and the average daily USDT transfer volume dropped to $77 million, down 32.5% quarter-on-quarter. Additionally, after the end of the first quarter, TON has implemented 4 out of the 7 initiatives outlined in the MTONGA upgrade plan.
TON Revives Gram Token Brand, CEO Says Network “Returning to Its Roots”
Odaily Telegram CEO Pavel Durov stated that the native token of The Open Network (TON) will be renamed to Gram, reverting to its original name as outlined in the project's early whitepaper. TON will remain the name of the blockchain network, while Gram will serve as the name of its native currency.Durov noted that this renaming is the fourth step in the seven-step "Make TON Great Again" plan, and the entire transition is expected to take approximately three weeks. The remaining three initiatives have yet to be disclosed.Previously announced steps include the TON network upgrade, increased transaction settlement speed, significantly reduced fees, and Telegram's plan to replace the TON Foundation as the ecosystem's primary manager and largest validator.
Pavel Durov Plans to Rename Telegram Ecosystem Token TON Coin to "GRAM"
According to market sources, Telegram founder Pavel Durov plans to rename the Telegram ecosystem token TON Coin to "GRAM".
Vitalik Updates CROPS AI Progress: Proposes Combining Private Remote LLM Calls with Ethereum Private RPC Reads
Vitalik Buterin updated several developments related to CROPS AI and noted a clear overlap between the “CROPS Ethereum Access Layer” and “CROPS AI.” He suggested that paying for remote large language model (LLM) calls via zero-knowledge proofs could also address Ethereum’s private RPC read issues. Meanwhile, DeepSeek v4 has been released; its 2-bit quantized version runs within 90 GB, though it currently performs faster on Apple hardware; the messaging app Messa now supports Telegram Alpha features; the model runtime tool Luceb demonstrates higher efficiency when running compute-intensive models; and the local AI voice recording tool VoxTerm remains under active development. Vitalik Buterin also mentioned that application-specific fine-tuned large language models will help improve secure code writing, and Ethereum-related use cases should likewise have dedicated fine-tuned models.