Tron Multi-Sig Scams: What they are and how to prevent them

With the rapid evolution of blockchain technology, we are enjoying its numerous benefits and new possibilities. However, this progress has also opened doors for malicious actors who exploit technological vulnerabilities to perpetrate fraud and attacks. In this section, we will delve into a specific threat, the Tron Multi-signature Scam, outlining its tactics and providing advice on how to safeguard your assets.

Single-signature Wallet VS Multi-signature Wallet on Tron

In a single-signature wallet, only one user (the transaction initiator) signs the transaction, so a single-signature wallet cannot provide shared control over cryptocurrency. Multi-signature wallets solve the shared control problem by introducing an approval quorum, where multiple signatures from different co-signers are required to authorize a transaction. Therefore, we can see that multi-signature wallets have the following advantages:

  • Multi-sig wallets enhance security by requiring multiple private keys to authorize a transaction. This added layer of protection significantly reduces the chances of unauthorized access and theft of funds.
  • Multi-signature functions allow for permission grading, and each permission can correspond to multiple private keys. This makes it possible to achieve joint control of accounts with multiple people.
  • It can also make it difficult for hackers to steal funds from a wallet, because they must have the different keys to complete the action. This feature is especially desirable and useful when the assets belong to multiple parties, for example in a company or a decentralized autonomous organization (DAO).

When a TRON Multi-Signature wallet is created, the default permission for the wallet owner is assigned to the account itself with a threshold of one. In other words, transfers from the wallet only require authorization signed by one address.

Note: Owner permissions represent the highest level of control over a TRON account. With this permission, an address can operate the account in various ways.

Using deceptive mnemonic phrases, scammers change the user’s TRX account permissions to gain owner access, increasing the threshold to two. In this scenario, to send cryptos from the wallet, authorization needs to be signed by both the user’s address and the scammer’s address.

How does the Tron Multi-signature Scam Work?

The common TRON multi-signature scams involve malicious actors claiming that TRX is needed to pay transaction fees in order to convince victims to share TRX tokens. 

Another scam involves tricking victims into sharing their private keys or seed phrases and converting their wallets into the multi-signature type to maliciously control the assets. Such scams are often done via the following methods or channels: 

  1. Promoting top-up websites on social media platforms such as Telegram to lure users into depositing their digital tokens. Some scammers can get the owner permissions of a user’s account while the user is making deposits.
  2. Releasing their own mnemonic phrases or private keys on social media platforms such as Telegram and WhatsApp to lure users to send TRX as transaction fees into those wallets. In actuality, the owner permissions of those wallets have already been transferred by scammers, resulting in all TRX in the wallets being stolen.

Usually the scammers will spread seed phrases and wallets online to phish victims into importing them into the SafePal Wallet App. They release their mnemonics or private keys on social media platforms such as Telegram and WhatsApp to lure users to send $TRX as transaction fees into the wallets. But in fact, the owner permissions of those wallets have already been transferred by scammers. In the end, all TRX in the wallets will be stolen by the scammers. The following screenshot is an example:

These seed phrases are configured as multi-sig (multi-signature), allowing only the scammers to move the cryptos in the wallet. For more details and explanation about the multi-signature wallet, you can refer to the article in this link. When you try to transfer or move cryptos from the wallet and see the error message SIGERROR, or a notification such as “The private key of this address does not exist in the wallet. You cannot transfer assets from this address”, this means you are most likely using a multi-sig wallet created by the scammers!

Note: If your SafePal wallet is the latest version, you will see the following warning message about the multi-sig scam:

Because such Tron multi-sig wallets require signatures from both the user’s address and the scammer’s address to approve transactions, any transaction made by the user will also require authorization from the scammer’s address. If the scammer’s signature is missing, users will encounter an error message saying “SIGERROR” in the SafePal wallet.

Consider a company with two partners who believe that all significant decisions should be authorized only if both partners agree (i.e., a multisignature requirement). If one partner disagrees, the decision is not approved.

A Multisig TRON account operates similarly. Thus, even with the mnemonic phrase, the account user cannot transfer tokens on their own.

Users can only transfer cryptos into their account but cannot transfer them out. Scammers exploit this by playing a long game. If a user only receives payments into the account from others and never checks the account permissions, tokens can continue to be transferred into the account.
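One way to run the permission check mentioned above, as an added example that is not SafePal's code: it takes an account object in the JSON shape a TRON full node returns for an account query (for instance the `wallet/getaccount` HTTP call) and reports whether your own address can still meet each permission's threshold on its own. The addresses and sample accounts are constructed placeholders, and treating a missing `owner_permission` as the default is an assumption.

```python
# Added example: audit TRON account permissions for the multi-sig scam pattern.
# Field names follow the account JSON a TRON full node returns; every address
# and sample account below is a constructed placeholder.

def audit_permission(permission, my_address):
    """Return (can_sign_alone, other_signers) for one permission object."""
    keys = permission.get("keys", [])
    mine = sum(k.get("weight", 0) for k in keys if k.get("address") == my_address)
    others = [k.get("address") for k in keys if k.get("address") != my_address]
    return mine >= permission.get("threshold", 1), others

def audit_account(account, my_address):
    """Return a list of findings; an empty list means nothing suspicious."""
    # Assumption: a missing owner_permission means the default described in
    # the article (the account itself, threshold 1).
    default = {"threshold": 1, "keys": [{"address": my_address, "weight": 1}]}
    perms = [("owner", account.get("owner_permission", default))]
    perms += [(p.get("permission_name", "active"), p)
              for p in account.get("active_permission", [])]
    findings = []
    for name, perm in perms:
        alone, others = audit_permission(perm, my_address)
        if not alone:
            findings.append(f"{name}: your key alone cannot meet threshold "
                            f"{perm.get('threshold', 1)}")
        if others:
            findings.append(f"{name}: other signer(s) present: {others}")
    return findings

# Constructed sample accounts.
ME, OTHER = "T_MY_ADDRESS_PLACEHOLDER", "T_OTHER_ADDRESS_PLACEHOLDER"
DEFAULT_ACCOUNT = {"owner_permission": {
    "threshold": 1, "keys": [{"address": ME, "weight": 1}]}}
THRESHOLD_RAISED = {"owner_permission": {
    "threshold": 2, "keys": [{"address": ME, "weight": 1},
                             {"address": OTHER, "weight": 1}]}}
OWNER_TRANSFERRED = {"owner_permission": {
    "threshold": 1, "keys": [{"address": OTHER, "weight": 1}]}}

if __name__ == "__main__":
    for label, acct in [("default", DEFAULT_ACCOUNT),
                        ("threshold raised", THRESHOLD_RAISED),
                        ("owner transferred", OWNER_TRANSFERRED)]:
        print(label, "->", audit_account(acct, ME) or "OK")
```

Any finding on the owner permission of a wallet you did not set up as multi-sig yourself matches the pattern described in this section.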

How to Prevent Multi-signature Scams?

The following are some useful tips to prevent the multi-signature scams:

  • Never use a wallet or mnemonic phrase shared or given by others
  • Securely keep and protect your mnemonic phrase and private key in safe locations
  • Always beware of scammers and be wary of strangers on social media, especially people who DM you first, as what they offer is usually too good to be true
  • Never share your private keys or mnemonic phrases with anyone, even if they claim to be technical support or a friend (SafePal team members will never ask for your private keys or mnemonic/seed phrases and any who do are likely impersonators)

Closing

Technology is developing rapidly. When enjoying and using nascent technology and products, we must always be wary of new scams and remain vigilant. 

If you encounter or discover any cases of fraud, please report them to SafePal’s customer service channel here, for team members to follow up in a timely manner and warn other users. 

Remember, the key to effective protection against e-signature software phishing scams lies in proactive prevention, continuous vigilance, and a comprehensive cybersecurity strategy tailored to the evolving landscape and threats. Stay informed, stay vigilant, and stay secure.
