On July 1, Tether partnered with Web3 shopping and infrastructure company Uquid to allow Philippine citizens to pay social security funds with USDT on the Open Network (TON). This move provides a useful practical case for the integration of the crypto industry and the real economy, and heralds the positive role of cryptocurrencies in financial innovation and improving payment systems.

In the past year, the price of $TON has increased by more than 5 times, and its market value ranks among the top 10. The prosperous TON ecosystem has opened its doors to users, but we must always be vigilant against the threats lurking in the dark. This article aims to warn users of risks by explaining the security status of the TON ecosystem.

TON ecosystem users surge

According to Token Terminal data, as of July 2, the number of monthly active users of the TON network has surged from 228,000 at the beginning of the year to 4.64 million. TON's rise is inseparable from the popularity of its Telegram-based click games. For example, the popular game Notcoin has attracted 35 million users by rewarding users for clicking on the screen, while Hamster Kombat claims that its cumulative users have reached 200 million.

However, the millions of users who joined the TON blockchain and hoped to receive airdrops through various Telegram applets were not native cryptocurrency users. They were often exposed to wallets and seed phrases for the first time through viral gaming experiences. Due to the lack of correct understanding of the irreversibility of blockchain transactions and the potential risks of on-chain transactions, these new users are extremely vulnerable to scams, hacker attacks and other incidents, resulting in asset losses.

TON appeared on Telegram, which advocates privacy, providing a more convenient environment for scammers. As a non-EVM, TON has not yet integrated mature and advanced security tools on EVM, which means that the security protection measures on the TON network may not be as complete as other mainstream blockchains.

TON ecosystem contains hidden risks

In addition to the common EVM scams such as zero-amount transfer scams and NFT airdrop phishing scams, the more typical scam on TON is the transaction message scam.

After the user clicked the pop-up window of "Received +5,000 USDT" and sent TON, he did not receive the "promised" USDT. This is a new scam designed by fraudsters against TON, which uses the postscript function in the TON transfer process to add misleading information to defraud users of their assets.

After in-depth tracking by Bitrace, it was found that the fraudulent address O-ApOg2m was created on May 5. After a total of 14 PS transfer tests in two days, it left a message in Russian "прогрев" in the last test, which means warm-up, and then started the formal fraud operation. The next day, O-ApOg2m received the first sum of stolen money through the PS scam.

As shown in the picture, victims were deceived one after another and sent varying amounts of TON tokens to the O-ApOg2m scam address in exchange for the 5,000 USDT promised in the postscript. According to statistics, in just two months, this simple transaction message scam address has made at least 22,000 $TON (about 1.28 million RMB).

The victim denounced the scammer in a Russian postscript

In addition to various scams appearing on TON, Drainer has also stretched its claws to the TON ecosystem. Drainer is a malware designed specifically to illegally empty or "drain" cryptocurrency wallets. This software is rented out by its developers, meaning that anyone can pay to use the malicious tool. Bitrace found that a Drainer organization sold its services through Telegram groups and collected 30% of the stolen money. They made a statement saying, "just to clarify: we don’t care where or who your victim is from. We allow draining from all countries including CIS. Nobody is special."

The Drainer organization shown in the above picture has accumulated 596 subscribers since its establishment in April, and in mid-May it announced that it had made more than $200,000 in profits in the TON ecosystem.

Final Thoughts

As the user base of TON expands, how to balance privacy protection and security needs has become an urgent problem to be solved. Opportunities are accompanied by risks. While security experts are working hard to eliminate threats, users should also be more vigilant and learn to use TON browsers to identify SCAMs, and not trust unfounded empty investments or unrealistic transaction notes.