Skip to main content

TRON Multi-Sig Scam (Patched)

What is a Multi-Sig?​

The multi-signature mechanism is a security feature that requires more than one signature to approve certain actions on the blockchain. Imagine it like a group decision where, instead of just one person, multiple trusted people (signatories) must agree to a transaction before it’s allowed. This approach adds extra protection against unauthorized access, making it safer for organizations or groups managing shared assets. Each transaction specifies how many signatures are needed, giving users more control and security over their funds.

What is a TRON Multi-Sig Scam?​

A TRON (TRX) multi-sig scam typically involves fraudsters taking advantage of the multi-signature (multi-sig) feature by creating fake multi-sig wallets or using social engineering tactics to gain access to victims’ funds.

Multi-Coin Patched

Here’s how these scams usually unfold:

  • Fake Investment Schemes: Scammers may set up a fake TRON multi-sig wallet or investment platform, promising high returns or partnership opportunities. They convince users to deposit TRX or other tokens, claiming that the funds will be jointly managed or invested securely with multi-sig.

  • Manipulation of Trust: The scam often targets groups or individuals who trust one another, promising that the multi-sig requirement will safeguard the funds. However, the scammer has set up the wallet or contract so that they retain full control, potentially with a “backdoor” to access funds without the other signatures.

  • Social Engineering: In some cases, scammers pose as “support agents” or “business partners,” gaining access to a user’s private key or convincing them to add the scammer as a trusted signer on the multi-sig wallet. Once they have access, they can empty the wallet without needing further approvals.

  • Fake Airdrops and Giveaways: Some scams ask users to sign a multi-sig transaction or join a multi-sig wallet as part of a supposed airdrop or giveaway. In reality, this setup allows scammers to gain control over users’ funds.

  • Phishing for Private Keys: Fraudsters might use phishing tactics to obtain the private keys of other signatories in a multi-sig wallet, especially if the wallet requires a minimum number of signatures to operate. Once they obtain enough keys, they can approve and execute transactions, bypassing the original multi-sig security.

How to Stay Safe?​

  • Update Gem Wallet: Always make sure to have the latest version of Gem Wallet running on your device. A patch has been deployed to show if the wallet you are accessing is involved in a possible Multi-Sig scam. Do not send any funds to this address, scammers can easily take them out.

TRX Patched TRC20 Patched

  • Check TRX Address: Search for the TRX address on TRONScan to determine if the address has multisig enabled. A warning message "The current account's "Owner Permission is authorized to:" will be shown. At this point, do not use this compromised wallet. Scammers will only steal anything sent to it.

Check TRX address

  • Safe Online Practices: Be wary of unsolicited emails or direct messages asking for your assistance or fake Gem Wallet Support that is offering assistance. They will ask you to send them some TRX or even expose the Recovery Phrase that they have full access to.

  • Educate Yourself: Never share your seed phrase with anyone and be wary of phishing attempts. Regularly educate yourself about the latest online security threats. Staying vigilant and verifying each step helps prevent falling victim to multi-sig scams on TRON or any other blockchain.