Scammers Exploit Telegram's Popularity for Toncoin Scam, Warns Kaspersky

Scammers are utilizing a sophisticated tactic to deceive Telegram users worldwide, as revealed by researchers at cybersecurity firm Kaspersky in a report released today. Since November 2023, fraudsters have been exploiting the rising popularity of Telegram and the cryptocurrency Toncoin (TON) to steal from unsuspecting victims.

The scheme targets individuals across various regions, enticing them with promises of an "exclusive earning program" shared through their contacts on Telegram. Victims are directed to join an unofficial Telegram bot, purportedly designed for storing cryptocurrency, and link it to a legitimate wallet. They are then instructed to acquire Toncoins through official channels, fostering a false sense of security.

Next, victims are coerced into purchasing "boosters" via a separate bot, with options labeled as "bike," "car," "train," "plane," or "rocket." These boosters come with varying costs, ranging from 5 to 500 Toncoins, depending on the selected tariff. The scammers advertise these boosters as tools to help users earn their coins, akin to boosters in online games.

Olga Svistunova, senior web content analyst at Kaspersky, explained, "This scheme resembles boosters in online games – by purchasing one, the user gains additional advantages." Furthermore, victims are encouraged to create private Telegram groups with friends, where they share referral links and instructional videos pre-recorded by the scammers.

The Telegram Open Network (TON), initially developed by the Durov brothers and now supported by an independent community, reportedly boasts 900 million monthly users. This vast user base makes it an appealing target for fraudulent activities. Kaspersky experts warned users against falling for promises of quick riches and emphasized the importance of vigilance when engaging in cryptocurrency transactions.

In response to these developments, Kaspersky recommended utilizing comprehensive security measures to protect against scams and staying informed about evolving fraudulent schemes. Users are urged to exercise caution and skepticism, especially when presented with offers that seem too good to be true. 

The misuse of features on Elon Musk's social media platform X continues to escalate, with scammers exploiting a specific mechanism to perpetrate crypto and NFT-based scams. These fraudsters manipulate a feature allowing them to create deceptive URLs, presenting themselves as legitimate entities. Initially flagged for phishing concerns by security researcher Davy Wybiral, this feature has now become a conduit for cybercriminals targeting high-profile crypto-related accounts, including those of Binance, the Ethereum Foundation, zkSync, and Chainlink.

Recent discoveries by security researchers, including MalwareHunterTeam, reveal a concerning trend where scammers leverage this feature to deceive users. By modifying the account name in X post URLs, scammers create a false sense of legitimacy, directing unsuspecting individuals to fraudulent websites, fake giveaways, and nefarious Telegram channels. These scams encompass a range of deceitful tactics, from promoting fake crypto giveaways to encouraging participation in pump-and-dump schemes. One particularly alarming incident involves a fake zkSync post leading users to a fraudulent website masquerading as the company. This website, as identified by the X community, is suspected of being a crypto drainer, capable of siphoning users' crypto assets and NFTs once they connect their wallets.

Cyber-attacks incurred a staggering $1.84 billion in losses across 751 incidents in 2023, as per Certik’s "Hack3d: The Web3 Security Report 2023." The average cost per incident amounted to $2.45 million, with the top 10 most expensive attacks contributing $1.11 billion to the total losses. Notably, Q3 saw the highest costs, with $686.5 million lost from 183 hacks. While the report highlights a 51% decline in losses compared to 2022's $3.7 billion, it attributes much of this reduction to the decrease in decentralized finance (DeFi) value. The time-weighted average value of DeFi fell by approximately 46% in 2023 compared to the previous year.