Security
Scams, phishing, drainer sites — what gets stolen and how to defend.
9 articles
- Security May 14, 2026
Bug Bounty on TON: Programs, Payouts and Realism (2026)
Catalog of active TON bug-bounty programs in 2026: TON Foundation up to $100k, Tonkeeper up to $30k, STON.fi, Tonstakers, EVAA.
- Security May 14, 2026
TAC Bridge Drain 2026: anatomy of a $2.5M+ TON attack
On-chain forensics of the TAC bridge drain that started 11 May 2026: handler 0x0E50D313, no validator-signature check on TON, attacker addresses
- Security May 14, 2026
TON mnemonic vs BIP-39: why addresses differ
Why the same 24-word seed phrase yields different addresses in Tonkeeper, MyTonWallet and Ledger. Deep dive into TON mnemonic, BIP-39, BIP-44
- Security Apr 2, 2026
TON stolen: first 30 minutes step-by-step (2026)
Action plan for the first 30 minutes after TON or jettons are stolen — how to save remaining funds, trace the attacker's address
- Security Mar 24, 2026
Anatomy of phishing: how to spot a fake TON wallet site
Step-by-step breakdown of how attackers clone Tonkeeper and MyTonWallet sites, the markers that give away a fake
- Security Mar 20, 2026
Drainer sites in TON: how they work and how not to fall
Technical breakdown of drainer campaigns in the TON ecosystem in 2025-2026 — from Drainer-as-a-Service to specific TON Connect tricks
- Security Mar 15, 2026
Top 10 TON scams on Telegram and how to defend yourself
What schemes attackers run on Telegram against TON users in 2025-2026, real loss figures and step-by-step defence rules for retail.
- Security Mar 1, 2026
Secure seed phrase storage: 2026 practices
How to write down, split and store a TON wallet seed phrase in 2026 — paper, metal, hardware wallets, and Shamir Backup schemes in practice.
- Security Feb 4, 2026
How to protect a Telegram account from takeover: practice
Full guide to Telegram defence against SIM-swap and session hijacking — Two-Step Verification, cloud password, eSIM