Scammers target crypto exchanges with fake stablecoins on TON
Blockchain security analysts are urging crypto exchanges to scrutinize deposits closely as malicious actors escalate efforts to flood them with fake tokens on the TON network.
Bad actors appear to be intensifying attempts to exploit crypto exchange deposit systems. Scammers are exploiting fake USDT transactions on the Open Network (TON) as Tether expands its stablecoin support on the network. Data from blockchain security group Dilation Effect shows that malicious actors are spamming crypto exchanges with fake USDT transactions “in large quantities.”
According to on-chain activity reviewed by crypto.news, at least one bad actor has been targeting multiple exchanges, including Binance, Bybit, MEXC, and Gate.io, with fraudulent tokens on TON. Blockchain researchers indicate that the hacker deployed a fake smart contract for USDT on TON, designed to mimic the metadata of the official smart contract.
While fake deposits are not a common thing in the industry, blockchain analysts had previously warned about this type of attack in 2023.
At the time, analysts at blockchain firm SlowMist highlighted the unique characteristics of TON transactions, noting that almost all internal messages sent between smart contracts should be “bounceable,” meaning that if the target smart contract doesn’t exist or encounters an unhandled exception, the message will “bounce” back to the original account.
“If an attacker transfer to an account without a deployed contract, setting ‘bounce’, deposited amount, after deducting the handling fee, will bounce back to the original account. The exchange sees a deposit record, but the deposited currency returns to the attacker’s account,” SlowMist wrote.
However, the firm noted at the time that “almost all blockchains face the problem of false deposits,” adding that the TON blockchain “is no exception.”
While there are no indications that the recent activity has resulted in profit for bad actors, there have been instances where scammers succeeded in attacking trading platforms with fake tokens. As crypto.news reported earlier, a contract upgrade for the GALA token created a loophole exploited by hackers. Following the upgrade, hackers tricked the deposit system of Coinhub, a Mongolian crypto exchange, with fake token deposits, successfully withdrawing all GALA from the exchange.