Scammers have been observed employing a sophisticated tactic to steal Toncoins (TON) from Telegram users globally.
This scheme, uncovered by researchers at Kaspersky and described in a report published today, has been operational since November 2023 and exploits the growing popularity of both TON and the messaging platform Telegram.
Targets from various regions have fallen victim to the fraudsters’ ploy. The perpetrators attract unsuspecting Telegram users through a referral system, enticing them with promises of an “exclusive earning program” shared via contacts in their network.
The scheme unfolds as victims are directed to join an unofficial Telegram bot, supposedly created for storing cryptocurrency, and link it to a legitimate wallet. At the same time, they are instructed to procure Toncoins through official channels, such as the Telegram bot, P2P markets or cryptocurrency exchanges, fostering a false sense of security.
Subsequently, victims are coerced into purchasing “boosters” via a separate bot. These boosters, labeled as “bike,” “car,” “train,” “plane,” or “rocket,” come with varying costs ranging from 5 to 500 Toncoins, depending on the selected tariff.
“The ‘boosters’ are advertised by scammers as tools that somehow allow users to earn on their coins,” explained Olga Svistunova, senior web content analyst at Kaspersky. “This scheme resembles boosters in online games – by purchasing one, the user gains additional advantages.”
The scheme further escalates as victims are encouraged to create private Telegram groups with friends, sharing referral links and instructional videos pre-recorded by the scammers.
For context, the Telegram Open Network (TON), initially developed by the Durov brothers and now supported by an independent community, reportedly boasts 900 million monthly users, making it an enticing target for fraudulent activities.
In light of these developments, Kaspersky experts cautioned users against falling for promises of quick riches and advised vigilance when dealing with cryptocurrency transactions. They recommended utilizing comprehensive security measures to safeguard against scams and staying informed about evolving fraudulent schemes.