On July 1, Tether partnered with Web3 shopping and infrastructure company Uquid to allow Filipino citizens to use USDT to pay social security funds on Open Network (TON). This initiative provides a useful practical case for the integration of the encryption industry and the real economy, and heralds the positive role of cryptocurrency in financial innovation and improving payment systems.
In the past year, the price of $TON has increased more than 5 times, and the market capitalization ranks among the top ten. The prosperous TON ecosystem has opened its doors to users. However, we must always be wary of threats lurking in the dark. This article aims to provide risk warnings to users by elaborating on the security status of the TON ecosystem.
TON ecosystem users surge
According to Token Terminal data, as of July 2, the number of monthly active users of the TON network has surged from 228,000 at the beginning of the year to 4.64 million. The rise of TON is inseparable from the popularity of its click-and-click games based on Telegram. Take the popular game Notcoin as an example. It has attracted 35 million users by rewarding users for clicking on the screen. Hamster Kombat claims that its cumulative users have reached 200 million.
However, the millions of users who join the TON blockchain and hope to receive airdrops through various Telegram applets are not native cryptocurrency users. They are often exposed to wallets and seeds for the first time through viral gaming experiences. phrase. Due to the lack of correct understanding of the irreversibility of blockchain transactions and the potential risks of on-chain transactions, these new users are extremely vulnerable to fraud, hacker attacks and other incidents, leading to asset losses.
TON's appearance on Telegram, which advocates privacy, provides a more convenient environment for fraudsters. As a non-EVM, TON has not yet integrated the mature and advanced security tools on EVM, which means that the security protection measures on the TON network may not be as complete as other mainstream blockchains.
TON ecology implies risks
In addition to the common EVM zero-amount transfer scams, NFT airdrop phishing and other scams, the more typical ones on TON are transaction message scams.
After the user clicked on the "Received +5,000 USDT" pop-up window and sent TON, the "promised gift" of USDT was not received. This is a new scam developed by fraudsters targeting TON. They use the postscript function in the TON transfer process to add misleading information to defraud users of their assets.
After in-depth tracking by Bitrace, it was discovered that the fraudulent address O-ApOg2m was created on May 5. After passing a total of 14 postscript transfer tests in 2 days, the last test message left a message in Russian "прогрев", which means warm-up, and then The formal fraud operation begins. The next day, O-ApOg2m made his first haul of stolen money via a PS scam.
As shown in the picture, victims were deceived one after another and sent varying amounts of TON tokens to the O-ApOg2m fraud address in exchange for the 5,000 USDT promised in the postscript. According to statistics, in just two months, this simple transaction message fraud address has made at least 22,000 $TON (approximately 1.28 million yuan).
The victim denounced the scammer in a Russian postscript
In addition to various scams appearing in TON, Drainer has also extended its claws to the TON ecosystem. Drainer is a type of malware specifically designed to illegally empty or "drain" cryptocurrency wallets. The software is made available for rent by its developers, meaning anyone pays to use the malicious tool.
Bitrace discovered that a Drainer organization sells its services through Telegram groups and collects 30% of the stolen money. They made remarks saying "just to clarify: we don't care where or who your victim is from. We allow draining from all countries including CIS. Nobody is special."
The Drainer organization shown in the picture above has gained a total of 596 subscribers since its establishment in April, and in mid-May it announced that it had made more than 200,000 US dollars in profit from the TON ecosystem.
write at the end
As the user base of TON expands, how to balance privacy protection and security needs has become an urgent problem to be solved. There are risks hidden behind the opportunities. While security experts are working hard to eliminate threats, users should also be more vigilant, learn to use the TON browser to identify SCAM, and do not believe in unwarranted short-term investments or unrealistic transaction notes.
