Researchers at Kaspersky have recently identified a sophisticated scam targeting Telegram users worldwide, aiming to steal Toncoins (TON) through a deceptive scheme. Since November 2023, fraudsters have capitalized on the increasing popularity of the TON cryptocurrency and Telegram, a widely used messaging platform. They lure victims using a referral system that promises access to an “exclusive earning program,” shared via personal contacts. This approach has successfully attracted users from various regions, making them susceptible to further manipulations.
The core of the scam involves victims being directed to connect with an unofficial Telegram bot, which is falsely presented as a legitimate cryptocurrency storage solution. To create a sense of legitimacy and security, victims are also encouraged to purchase Toncoins through official sources like Telegram’s native bot, peer-to-peer (P2P) markets, or established cryptocurrency exchanges. This dual approach of using both legitimate and fraudulent components makes the scam particularly convincing and dangerous.
Once trust is established, the fraud deepens with the introduction of so-called “boosters,” which scammers claim can significantly increase earnings from Toncoin investments. These boosters are creatively named — such as “bike,” “car,” “train,” “plane,” and “rocket” — with costs varying from 5 to 500 Toncoins, depending on the tier. Victims are misled into purchasing these boosters, which are touted similarly to game-like upgrades that supposedly provide financial advantages, further exploiting the interactive and engaging nature of the platform.
Kaspersky has issued warnings urging users to be cautious of too-good-to-be-true offers and to maintain vigilance while handling cryptocurrency transactions. They recommend employing comprehensive security measures and staying informed about new types of fraudulent schemes that exploit popular platforms like Telegram. As the TON network continues to grow, driven by its large user base and the backing of an independent community, it remains an attractive target for such scams, underscoring the need for continued awareness and preventive actions by all users.
