According to Bits.media, Telegram usernames and premium numbers sold for record-high prices in TON tokens on May 13, with @danbao fetching 1.58 million TON (approximately $2.1 million) from an anonymous buyer last weekend, marking the platform’s highest transaction. Other premium numbers followed: @boss sold for 500,000 USDT, +888 8222 for 520,000 TON (approximately $650,000), and +888 8899 for 423,900 TON.
Hours after these transactions, attackers launched targeted phishing attacks using counterfeit USDT on NFT trading platform Getgems. A Chinese collector lost a premium number +888 8321 worth over $800,000. Additionally, a crypto trader who created a wallet through Telegram bot SIGMA lost approximately $200,000 across Ethereum, Base, and BSC networks. Security researchers noted that fraudsters are increasingly leveraging Telegram bots and mini-apps for cryptocurrency theft.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
A Telegram username sold for a million-dollar price triggers a forged USDT phishing attack
According to Bits.media, reported on May 13, multiple Telegram usernames and virtual vanity numbers were sold on the Fragment auction platform at record-high TON token prices; within a few hours after the trades, the attacker launched a forged USDT attack on users of the TON blockchain NFT trading platform Getgems. A Chinese collector reportedly lost more than $800k in a virtual-number code. Fragment Platform Vanity Number Deal Records According to Bits.media, the major completed deals on the Fr
MarketWhisper53m ago
Aave and Kelp Complete First Step of rsETH Recovery, Destroy 117,132 rsETH on Arbitrum
According to ChainCatcher, Aave and Kelp have completed the first phase of their rsETH recovery plan, destroying attacker-held rsETH on Arbitrum. Over the coming days, the parties will gradually replenish funds to LayerZero's OFT adapter and phase in the restart of rsETH operations, with 117,132 rsE
GateNews3h ago
Bitcoin Network Flooded With 200,000 Fake Node Addresses Since April 9, Sparking Sybil Attack Concerns
According to Bitcoin developer Jameson Lopp, roughly 200,000 unreachable node addresses have been flooding Bitcoin's peer-to-peer network since April 9, 2026, raising concerns about a potential Sybil-style attack. The anomaly caused ADDR messages—the protocol nodes use to share peer addresses—to
GateNews7h ago
The U.S. DOJ charges three men from Tennessee for cross-state wrench attacks: robbed a California crypto holder of $6.5 million
The U.S. Department of Justice on May 12 filed federal charges against three Tennessee men: Elijah Armstrong, Nino Chindavanh, and Jayden Rucker. The three allegedly crossed state lines into California from November to December 2025, disguised themselves as delivery workers to break into the homes of cryptocurrency holders, then after restricting the victims’ movements with firearms, zip ties, and tape, forced them to transfer crypto assets, with the single largest amount reaching $6.5 million.I
ChainNewsAbmedia13h ago
Aurellion Suffers Attack, 455,003 USDC Drained Today
According to Slow Mist, decentralized shipping project Aurellion suffered an attack today (May 12), with attackers gaining control of the Diamond contract and draining 455,003 USDC from multiple authorized victim
GateNews16h ago
SlowMist Detects 'Mini Shai-Hulud' npm Worm Stealing CI/CD Keys and Crypto Wallet Data
According to blockchain security firm SlowMist, its threat monitoring system MistEye detected a sophisticated npm worm named 'Mini Shai-Hulud' spreading through developer projects including TanStack, UiPath, and DraftLab. The malware uses compromised GitHub credentials to publish packages
GateNews20h ago
