Andrei Kutin, CEO of Match Systems, has published an extensive research report on the TON ecosystem, available on the company’s website. Below are some key insights and ideas from this research, aimed at helping users navigate and stay safe within the evolving ecosystem (the original article is here).
The TON ecosystem, once celebrated for its decentralized capabilities and seamless integration with Telegram, has increasingly become a target for a variety of scams. These fraudulent activities are not only harming individual users but also damaging the reputation of the broader blockchain environment. In its comprehensive review, Match Systems explores the various methods used by scammers, the reasons behind the growing number of scams, and the measures that can be implemented to counter these threats.
- $10 million stolen via fake airdrops
- 30% rise in mini-app related scams in 2024
- Over 22,000 TON stolen by wallet drainers in a single attack
- 1,200+ victims in the first half of 2024 alone
- 5 victims of fraud for every 100 new users
Scams have migrated from Ethereum to the TON ecosystem because of TON’s relatively weaker security infrastructure, and scammers are exploiting its vulnerabilities in various ways. Fraudsters use techniques such as wallet drainers, fake airdrops, phishing via Telegram, and impersonation schemes to deceive users and steal funds. The lack of advanced security tools, in contrast to Ethereum’s stronger defenses, makes TON an attractive target. The TON ecosystem’s integration with Telegram further facilitates these scams, leading to significant financial losses in 2024.
Phishing, social engineering, and technical exploits—such as fake mini-apps—are common tactics. Wallet drainers, in particular, automate theft, taking advantage of user-permission vulnerabilities. Scammers also launder stolen funds via decentralized exchanges, making recovery difficult.
To prevent these threats, users must remain vigilant and adopt stronger security practices, while the ecosystem needs to implement enhanced protections.
In the TON ecosystem, hackers utilize a range of services to build infrastructure for illegal activities. These services include domain registration, search engine optimization (SEO) manipulation, traffic generation tools, VPNs, and proxy networks. Each of these elements plays a crucial role in enabling malicious actors to operate anonymously and scale their operations. The infographic below provides a comprehensive overview of these services, demonstrating how they are used to create and maintain an illicit network within the TON ecosystem.
After hackers steal cryptocurrency, they often need to launder it to obscure its origin and avoid detection. This laundering process involves various techniques and platforms commonly used in cryptocurrency scams. Hackers typically utilize tools such as crypto mixers, which obscure transaction paths, and privacy-focused coins designed to conceal ownership and transfers. These methods help cybercriminals clean stolen funds and convert them into usable assets while minimizing the risk of being traced back to the illicit activity.
How to Avoid Scams in the TON Ecosystem: A Checklist
Match Systems has created a checklist to help users stay safe and avoid falling victim to scams in the TON ecosystem. By following these key steps, you can reduce your risk:
- Verify the Source: Always confirm the legitimacy of websites, apps, and airdrops before interacting.
- Be Skeptical of Free Offers: Avoid too-good-to-be-true promises like free tokens or high returns.
- Enable Two-Factor Authentication (2FA): Add extra security to wallets and exchanges.
- Be Careful with Links: Avoid clicking on unsolicited links and check URLs thoroughly.
- Use Secure Wallets: Opt for reputable wallets with strong security features like multi-signature options.
If you’ve been scammed, report it immediately using the Report on Crypto Incident Telegram bot from Match Systems. Quick action can make a difference in recovering your funds.
