On July 1st, Tether partnered with Web3 shopping and infrastructure company Uquid, allowing Filipino citizens to use USDT to pay social security funds on The Open Network (TON). The move is a useful practical example of the crypto industry integrating with the real economy, and it points to the positive role cryptocurrencies can play in financial innovation and in improving payment systems.
Over the past year, the price of $TON has increased by more than 5 times, ranking it in the top ten in terms of market capitalization. The thriving TON ecosystem has opened its doors to users, but we must remain vigilant against hidden threats.
This article aims to provide users with a risk warning by explaining the current security status of the TON ecosystem.
TON ecosystem sees a surge in users
According to Token Terminal data, as of July 2nd, the monthly active users on the TON network have surged from 228,000 at the beginning of the year to 4.64 million.
The rise of TON can be attributed in part to the popularity of its Telegram-based click games. For example, the popular game Notcoin has attracted 35 million users by rewarding them for clicking on the screen, while Hamster Kombat claims to have accumulated 200 million users.
However, the millions of users joining the TON blockchain in the hope of receiving airdrops through various Telegram mini-programs are not native cryptocurrency users. Drawn in by viral games, they are often encountering wallets and seed phrases for the first time. Because they lack a proper understanding of the irreversibility of blockchain transactions and of the risks of transacting on-chain, these new users are vulnerable to scams, hacking, and other incidents that lead to asset losses.
Because TON lives inside the privacy-focused Telegram, it gives scammers a more convenient environment. As a non-EVM chain, TON has not yet integrated the mature and advanced security tools available on EVM chains, which indicates that security measures on the TON network may not be as comprehensive as those on other mainstream blockchains.
Risks inherent in the TON ecosystem
In addition to the zero-value transfer scams and NFT airdrop phishing scams commonly seen on EVM chains, a scam more typical of TON is the transaction message scam.
After clicking on a “Received +5,000 USDT” pop-up and sending TON, users do not receive the promised USDT. This is a new type of scam that scammers have devised specifically for TON: they use the memo feature of a TON transfer to attach misleading text and defraud users of their assets.
After an in-depth investigation, Bitrace discovered that the scam address O-ApOg2m was created on May 5th. Over two days it made 14 memo test transfers, the last carrying the Russian memo “прогрев,” meaning “preheating,” after which the scammers officially began their fraudulent operations. The following day, O-ApOg2m made its first gains through the memo scam.
As shown in the images, victims continue to be scammed into sending varying amounts of TON tokens to the scam address O-ApOg2m in exchange for the 5,000 USDT promised in the memo. According to statistics, in just two months, this simple memo scam address has made profits of at least 22,000 $TON (approximately 1.28 million RMB).
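The memo scam works because the wallet shows attacker-written text next to a transfer as if it described the transfer. The following check is an added example, not Bitrace's code or part of any TON wallet: it compares what a memo claims with what the transfer actually moved. The record fields (asset, amount, memo), the KNOWN_SYMBOLS list and the sample transfers are assumptions constructed for illustration.

```python
import re
from decimal import Decimal

# Assumption: symbols this wallet recognises; extend for your own asset list.
KNOWN_SYMBOLS = {"TON", "USDT"}

# An amount followed by a ticker, e.g. "+5,000 USDT" or "1.5TON".
CLAIM_RE = re.compile(r"(\d[\d,]*(?:\.\d+)?)\s*([A-Za-z]{2,10})\b")

def memo_claims(memo):
    """Return (amount, symbol) pairs that the memo text asserts."""
    claims = []
    for amount, symbol in CLAIM_RE.findall(memo or ""):
        if symbol.upper() in KNOWN_SYMBOLS:
            claims.append((Decimal(amount.replace(",", "")), symbol.upper()))
    return claims

def check_transfer(tx):
    """Compare the memo's claim with what the transfer actually moved.

    tx is a hypothetical record: {"asset": str, "amount": str, "memo": str}.
    Returns a list of warnings; an empty list means nothing contradicts the memo.
    """
    asset = tx["asset"].upper()
    amount = Decimal(tx["amount"])
    warnings = []
    for claimed_amount, claimed_symbol in memo_claims(tx.get("memo")):
        if claimed_symbol != asset or claimed_amount != amount:
            warnings.append(
                f"memo says {claimed_amount:f} {claimed_symbol}, "
                f"but the transfer moved {amount:f} {asset}"
            )
    return warnings

# Constructed sample transfers (not real chain data).
SAMPLES = [
    {"asset": "TON", "amount": "0.000000001", "memo": "Received +5,000 USDT"},
    {"asset": "TON", "amount": "12.5", "memo": "rent for July"},
    {"asset": "USDT", "amount": "5000", "memo": "Received +5,000 USDT"},
]

if __name__ == "__main__":
    for tx in SAMPLES:
        print(tx["memo"], "->", check_transfer(tx) or "consistent")
```

Only the first sample is flagged: its memo names an asset and amount that the transfer itself never carried.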
Apart from the various scams on TON, Drainer has also extended its reach to the TON ecosystem. Drainer is malicious software designed to illegally empty or “drain” cryptocurrency wallets, and its developers offer it for rent, meaning anyone can pay to use this malicious tool. Bitrace found that a Drainer organization was selling its services through a Telegram group and taking a 30% cut of the gains. They stated, “just to clarify: we don’t care where or who your victim is from. We allow draining from all countries including CIS. Nobody is special.”
Since its establishment in April, the Drainer organization shown in the image has accumulated 596 subscribers and claimed to have made over $200,000 in profits in the TON ecosystem by mid-May.
In conclusion, as the user base of TON expands, striking a balance between privacy protection and security needs has become an urgent issue. Opportunities come with risks, and while security experts work to eliminate threats, users should also increase their vigilance, learn to use TON browsers to identify scams, not trust unexplained airdropped assets, and not trust unrealistic transaction memos.