According to blockchain security companies, trading bots that transform the popular messaging platform Telegram into a semi-crypto market pose significant security risks for users. Companies believe that these bots require further scrutiny.
Telegram Bots are Filled with Hidden Dangers
Blockchain security company CertiK stated in an interview with Cointelegraph that although these types of trading bots have been around for years, they have recently gained significant attention from cryptocurrency investors and have caught the eye due to the excessive appreciation of related bot altcoins. According to CoinGecko, the total market value of Telegram bot altcoins has reached nearly $250 million. The largest Telegram bot altcoin in terms of market value is Unibot (UNIBOT), followed by MEVFree (MAVFREE) and PAAL AI (PAAL).
Bots are automated programs that operate through Telegram, allowing users to trade on decentralized exchanges (DEX) by sending messages through the application. However, CertiK warned that many Telegram bots create cryptocurrency wallets for users, and only some actually provide the private keys to these wallets. It remains unclear whether project employees have access to the private keys of these wallets, whether they are stored on the user’s device, or whether they are backed up through Telegram. CertiK cautioned that “while these platforms offer high-volume DEX trading options, they should be considered highly risky and unsuitable for long-term asset storage.”
Currently, the largest Telegram bot altcoin, UNIBOT, has a market value of over $185 million. Data from Dune Analytics shows that Unibot users have generated a trading volume of $155 million through more than 230,000 transactions using the bot.
Centralization Risks in Telegram Bots
Beosin, another blockchain security company similar to CertiK, issued a similar warning on August 5. Beosin highlighted the security risks of using bots, claiming that centralization poses a risk to users’ private wallet keys. Additionally, due to many bots not having open-source code or undergoing security audits, they pose serious security risks, and if a user’s Telegram account is compromised, they could lose control of their funds. Beosin recommended that projects make their code open-source to facilitate security reviews and ensure better storage of user private keys.
The risk warnings issued by both CertiK and Beosin for Telegram bots also indicate that Telegram bot altcoins are at great risk. Potential risks such as theft of user funds by third parties or founders pulling the plug on projects are significant dangers that all these altcoins could face.
