Scammers Decided Not to Operate in TON. Is this good?

Crypto scammers using malware to steal digital assets have denied attacking TON users. But things are not that clear.

Scam Sniffer experts noted that operators of a skimmer popular with scammers reject the TON network.

In a message posted on an unspecified Telegram channel, the creators of Drainer announced their closure in the TON ecosystem. The main reason for this is that there are no crypto whales:

The developers of the malicious app are now moving to the Bitcoin blockchain, which will likely create many more opportunities for fraudsters to commit robberies.

“What’s next? “If you have enjoyed spending on the TON network, you will definitely experience consuming Bitcoin.”

One of the main reasons for the lack of whales is the large number of air pulses in the TON. They make fraud no longer the most profitable way to make money: phishing programs on the Open Web yield little profit and reduce the interest of scammers.

But SlowMist founder Yu Xian said such an assessment of whale activity in TON may need to be more complex. According to him, the drainage team may need to pay more attention to the potential of the TON blockchain.

“A phishing group on TON is ready to shut down, claiming that they believe TON is not a whale player and is a small community. They have already turned to the Bitcoin ecosystem… Too realistic. Or maybe this gang isn’t smart enough.”

Yu Xian, founder of SlowMist How the TON blockchain became a new haven for fraudsters

TON has become one of the most successful stories of 2024, with the value of its token increasing by more than 100% since the beginning of the year. Additionally, TON’s integration with the Telegram messenger, which has over 900 million users, has strengthened its position as a potential venue for widespread distribution of cryptocurrency.

The activities of fraudsters on TON appeared against the background of the rapid growth of blockchain. Fraudulent activities have gained momentum at least since November 2023 due to increased interest and investment in TON.

The interest is mainly driven by the growing popularity of mini apps. They have successfully capitalized on the popularity of projects like Notcoin and Hamster Kombat. Attackers often took advantage of the popularity of win-win games.

For example, Kaspersky Lab noted that scammers offer to earn Toncoin (TON) using bots and referral links. To make it easier to trick users, scammers recorded a video with instructions, created text guides, and provided them with many explanatory screenshots.

Tonkeeper explained that scammers rely on current trends in the ecosystem. For example, they created a token to counter the excitement surrounding the release of Hamster Kombat. That’s why the names and signs of fake tokens often match the names of popular projects.

“Often scammers create tokens before the actual coin is officially listed. Check the information about the token launch in official sources.”

Tonekeeper team

BlockAid experts also noted that the attackers used exfiltration tools previously used on the Ethereum and Solana platforms. In September, more than 300 malicious decentralized applications (dapps) were launched on TON, highlighting the growing threats.

Which blockchain is the most popular for fraud?

According to data from the REKT Database, despite the growing popularity of TON, blockchain is not yet popular among scammers.

Thus, Ethereum became the leader in phishing attacks last year, losing over $65 million, which is 91% of the total loss. Arbitrum also lost $5.2 million, while Bitcoin lost $768,000.

In terms of exploits, Ethereum was the most affected blockchain in this category with a loss of $482.7 million, while Binance was the most vulnerable to exit scams with a loss of $74.5 million.

Regarding the migration of attackers to the Bitcoin blockchain, CertiK, another well-known company in the field of blockchain security, emphasized that fraudsters are increasingly attracted to Bitcoin due to high transaction volumes, large user base and significant total value locked (TVL). .

Blockchain statistics by hack volume in Q3 2024. Source: CertiK

Phishing attacks against Bitcoin have increased significantly in recent months. One of the most notable incidents was an attack on a Bitcoin whale that resulted in a loss of $238 million, further highlighting the increasing risks in this space.