According to Bits.media, reported on May 13, multiple Telegram usernames and virtual vanity numbers were sold on the Fragment auction platform at record-high TON token prices; within a few hours after the trades, the attacker launched a forged USDT attack on users of the TON blockchain NFT trading platform Getgems. A Chinese collector reportedly lost more than $800k in a virtual-number code.
Fragment Platform Vanity Number Deal Records
According to Bits.media, the major completed deals on the Fragment platform over the weekend are as follows:
@danbao: sold for 1.58 million TON (about $2.1 million at the time of the trade); the bidding started on February 7, 2026, and is currently one of the highest sales records for a Telegram username priced in TON
@boss: sold for 500,000 USDT
+888 8222: sold for 520,000 TON (about $650k at the time of the trade)
+888 8899: sold for 423,900 TON
Getgems Forged USDT Attack: A Chinese Collector Lost More Than $800k
According to Bits.media, within a few hours after the vanity-number sales, users of the TON blockchain NFT trading platform Getgems reported being attacked. The attacker sent instructions to users via Telegram, asking them to use forged USDT to buy collectibles or rare numbers. According to reports from the Gift Updates Telegram channel, a Chinese collector lost a virtual-number code +888 8321 as a result, estimated to be worth more than $800k.
SIGMA Bot Incident and CTM360 Security Warning
According to Bits.media, the crypto trader Unihax0r reported on social media over the weekend that he suffered losses of about $200k. The attack lasted only 10 to 30 minutes, and it was done manually. The hacker emptied two wallets on three networks—Ethereum (Ethereum), Base, and BSC. Both compromised wallets were created via the SIGMA Telegram bot.
A recent report from security research firm CTM360 said attackers are increasingly using Telegram bots and built-in mini-programs to steal users’ crypto assets. CTM360 said attackers are using the FEMITBOT platform to create Telegram bots intended for fake applications.
FAQ
What was the highest-ever completed record for Fragment vanity-name auctions?
According to Bits.media, the username @danbao sold for 1.58 million TON (about $2.1 million at the time of the trade). Bidding began on February 7, 2026 on the Fragment platform, and it is currently one of the highest sales records for a Telegram username priced in TON.
What were the specific methods of the Getgems platform attack, and how large was the victim impact?
According to Bits.media and reports from the Gift Updates Telegram channel, the attacker sent forged USDT purchase instructions to users via Telegram. As a result, a Chinese collector lost the virtual-number code +888 8321, estimated to be worth more than $800k.
What are CTM360’s main warnings about the security threat posed by Telegram bots?
According to CTM360’s latest report, attackers are increasingly using Telegram bots and mini-programs to steal cryptocurrencies. The FEMITBOT platform is used to create bots for fake applications. In addition, wallets created via SIGMA Telegram bots were also compromised during the same period.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
