TON ecosystem scams on the rise: How to stay safe

News Feed - 2024-07-10 10:07:28

Helen Partz

As the TON blockchain is open-source and permissionless, individual users and projects must be careful to ensure their own safety.

The Open Network (TON), a blockchain platform integrated with Telegram, has experienced record-breaking growth in 2024. The number of onchain-activated wallets surged from approximately 1 million in January to over 9 million in June.


However, TON’s massive inflow of new users has not been overlooked by scammers. In June 2024, blockchain security firm SlowMist issued a warning on increasing phishing attacks on the TON ecosystem.


As the TON Foundation ambitiously expects to onboard 500 million users by 2028, it raises the question of how to properly protect users from attacks of all possible vectors without hindering rapid adoption.


Cointelegraph contacted several executives and firms, including the TON Foundation, to better understand the nature of risks in the TON ecosystem and identify steps to keep users’ assets safe.

Telegram isn’t responsible for the safety of Mini Apps, says Hacken executive


While identifying the risks in the TON ecosystem, one should realize that Telegram is not responsible for the safety of TON-linked Mini Apps.


The number of Mini Apps on Telegram — such as Notcoin or Hamster Kombat — has been surging significantly over the past few months. However, not all of those apps adhere to the best practices of security to ensure the safety of funds of their users, Stepan Chekhovskoi, lead smart contract auditor at the cybersecurity firm Hacken, told Cointelegraph.


“It’s worth mentioning that this is not Telegram’s fault,” Chekhovskoi emphasized, adding that users’ safety on Mini Apps lies on founders and project teams. He added:

“However, Telegram has to take care of the security of the platform itself and to ensure its functionality enables users to seamlessly secure its accounts; it has little to nothing to do with the security of a Mini App developed by a third party.”


A spokesperson from the TON Foundation confirmed that users and projects are solely responsible for safety, stating:

“As TON blockchain is open-source and permissionless, individual users and projects must be careful to ensure their own safety and security when undertaking network activity.”

TON Foundation “impressed” with security measures by some Mini Apps


The TON Foundation strongly encourages security measures adopted by Mini Apps on Telegram.


“We have been impressed with the actions of many projects as they look to protect their users,” a representative at the TON Foundation told Cointelegraph.


For example, Tonkeeper, one of the most popular TON-based wallets, has enabled users to mark whether a non-fungible token (NFT) they have received is legitimate.


The spokesperson also highlighted the importance of an active and engaged community as one of the best safeguards against bad actors. The representative added:

“Users should always be careful when transacting onchain. Please remember that any onchain transaction is irreversible. We strongly advise our users not to click on suspicious links and double-check every detail before signing any onchain transaction.”

Self-custodial and custodial Mini Apps on Telegram


According to Hacken’s Chekhovskoi, Telegram Mini Apps are “no different” from apps built on other platforms from a security perspective. As such, one should apply the same web and crypto security measures to those apps.


According to Chekhovskoi, Telegram’s Mini Apps have two ways of managing user private keys, which can be compared to custodial and non-custodial wallets in crypto.


“The majority of Telegram Mini Apps are custodial, so like any other provider of a custodial wallet, they must properly identify their users using additional passwords, 2FA [two-factor authentication] mechanisms and others,” the expert said.


For self-custodial apps, users must ensure strong encryption for private key storage. “If the application doesn’t require an eight-symbol-character password, including numbers and special symbols, or at least a fingerprint, it means the private key is not securely encrypted,” Chekhovskoi noted.




Users should also be wary of the risks associated with automated login on all devices. If automated login is enabled, anyone who gets access to the user’s device has access to their Mini Apps by default.

Non-technical threats in the TON ecosystem


The TON ecosystem’s decentralized nature and ease of use naturally lure scammers, and there’s “no silver bullet to protect users,” according to Hacken.


To avoid non-technical scams on TON, individuals should exercise caution when interacting with non-official apps and those launched by lesser-known developers.


According to Steve Milton, co-founder and CEO of the crypto wallet Fintopio, one way to avoid potential phishing attacks is to check whether Mini Apps have a verification mark.


Telegram offers verification for public figures and organizations so that users can easily identify official sources. The Telegram team generally verifies bots as well as official channels or public groups.

[Image: An example of Telegram’s verification mark for popular tap-to-earn game Hamster Kombat. Source: Hamster Kombat]


“Projects that have undergone this rigorous process, such as Fintopio, have demonstrated a commitment to transparency and reliability,” Milton said.


Hacken’s Chekhovskoi also cautioned against get-rich-quick schemes on Telegram, stressing that free cheese is only found in a mousetrap. He stated:

“Always remain skeptical of free money offerings. If you embrace a suspicious opportunity, it is better not to risk your main crypto wallet and create a new account for this purpose.”


For more tips on staying safe on TON and Telegram, users can also follow relevant guidance from the TON Foundation.

