The TON blockchain, associated with Telegram, has seen tremendous growth in 2024, with the number of active wallets soaring from around one million in January to over nine million by June.
However, this rapid expansion has also attracted scammers. In June 2024, SlowMist, a blockchain security firm, issued a warning about a surge in phishing attacks targeting the TON ecosystem.
As the TON Foundation aims to onboard 500 million users by 2028, it’s crucial to address how users can protect themselves from these threats while continuing to grow.
Telegram Not Responsible for Mini-App Security
It’s important to note that Telegram is not responsible for the security of mini–apps on its platform. Over recent months, many mini-apps like Notcoin and Hamster Kombat have appeared, but not all follow best security practices.
Stepan Chekhovskoi, a lead smart contract auditor at the cybersecurity firm Hacken, emphasized that Telegram’s responsibility lies in maintaining the platform’s security, not in safeguarding third-party mini-apps.
“Telegram ensures the platform’s functionality and user account security but does not control the safety of third-party mini-apps,” Chekhovskoi said.
TON Foundation Encourages Security Measures
The TON Foundation supports the security efforts of mini–app developers and encourages them to adopt strong safety measures. For example, Tonkeeper, a popular TON wallet, now allows users to verify the authenticity of received NFTs.
The Foundation also stresses the importance of community vigilance. They advise users to avoid suspicious links and double-check all details before completing any transactions.
Custodial vs. Self-Custodial Mini-Apps
Chekhovskoi notes that Telegram mini–apps, from a security standpoint, are similar to apps on other platforms. They come in two types: custodial and self-custodial.
Custodial mini-apps, like many wallet providers, must implement robust user verification methods such as additional passwords and two–factor authentication (2FA).
Self-custodial apps, on the other hand, require users to ensure their private keys are well protected with strong encryption. “If an app does not require a complex password or at least a fingerprint for access, it likely does not securely encrypt private keys,” Chekhovskoi warns.
Summary Review: With the rapid growth of the TON ecosystem, users must stay vigilant against scams. Both Telegram and the TON Foundation emphasize the importance of personal responsibility and security measures to protect assets and ensure a safe experience on the platform.
Disclaimer: Remember that nothing in this article and everything under the responsibility of Web30 News should be interpreted as financial advice. The information provided is for entertainment and educational purposes only. Investing in cryptocurrency involves inherent risks and potential investors should be aware that capital is at risk and returns are never guaranteed. It is imperative that you conduct thorough research and consult with a qualified financial advisor before making any investment decision.
