(Linas Kmieliauskas – Cybernews) Security researchers have identified another Russia-linked crypto crime organization that is said to be behind more than $10 million worth of cryptoasset thefts. After monitoring the Rublevka Team organization since August 2025, researchers at Recorded Future’s Insikt Group found that this crypto-focused cybercrime-as-a-service group, operational since 2023, contributed to at least 240,000 cryptoasset wallet drains, worth up to $20,000 per transaction. According to Insikt, the criminal group is an example of a “traffer team,” composed of a network of thousands of social engineering specialists tasked with directing victim traffic to malicious pages. Initially, these criminals targeted the TON blockchain ecosystem, supported by the company behind the Telegram messenger, before moving on to the Solana (SOL) blockchain in the spring of 2025. This ongoing campaign resulted in the biggest losses, as Solana’s ecosystem users lost around $8.2 million. The researchers have identified that, after tricking a victim into connecting their cryptoasset wallet to a fraudulent website, threat actors ask to perform a crypto transaction, which drains all funds from the wallet.
Russian hackers drain millions from Solana and TON | Cybernews
