Do you know what the funniest thing about TON is?
What no blockchain in the world has had:
- such a resource as your own magical messenger (Telegram)
- influencers like Pavel and Nikolai Durov
- a gang of Olympians
- such an absolutely tolerant, loving and all-supporting community
And you had to be a real complete asshole to screw up everything in such a short period of time in such a reality.
This investigation brings together facts collected by the channel administrator Ghost In The Block . All data was obtained from open, publicly available sources.

 

Creation of Telegram

The project was created by Pavel Durov, the founder of the Russian social network VKontakte (VK). Several years before Pavel and Nikolai Durov left VK in 2014, they began developing the messaging app. The development of Telegram was cited as one of the reasons for the conflict between VK shareholders. In an interview with The New York Times, Durov said that the initial idea for the app came to him in 2011, when special forces came to his door. This allegedly occurred in December 2011, when the FSB demanded that Durov block five communities (four of which contained the phrase "against United Russia" in their names) and two user meeting groups.
After they left, Durov wrote to his brother, Nikolai. It was then that he realized he had no secure way to communicate with his brother. The service is built on MTProto, an encrypted messaging technology developed by Nikolai Durov. Telegram was initially an experiment by Pavel's company, Digital Fortress, to test MTProto under heavy loads.
On August 14, 2013, the first Telegram client for iOS devices was introduced.
On August 22, 2013, one of the participants of the Durov's Android Challenge wrote and released the first application for the Android operating system compatible with Telegram (using the same MTProto protocol).
Work on Telegram began in January 2012.
Telegram launched in August 2013.
Maintaining a project like Telegram is expensive, and for many years Pavel Durov did it out of his own pocket. This couldn't continue forever.
In April 2016, it became known that in May 2015, Google was considering purchasing the messenger for more than $1 billion.
December 2017 – Public information about Pavel Durov moving to Dubai, and Telegram's office located on the 23rd floor of the Dubai Media City skyscraper.
In 2018, notifications were filed with the US Securities and Exchange Commission regarding the participation of TON Issuer Inc. and Telegram Group Inc. in two ICO rounds raising $850 million each.
Gram is a cryptocurrency based on the Telegram Open Network, or TON, blockchain platform being developed by Telegram. According to its developers, Gram is intended to become a cryptocurrency equivalent to Visa and Mastercard.
On May 12, 2020, Telegram issued a statement announcing that the TON blockchain platform, as well as the Gram cryptocurrency, would never be released. In his Telegram blog, Pavel Durov blamed the American court for the project's closure.
On February 6, 2021, Pavel Durov met with Dubai Crown Prince Hamdan bin Mohammed Al Maktoum, where he discussed Telegram's success story.
In February 2021, Durov received citizenship of the United Arab Emirates.
On June 11, 2021, Pavel Durov and his team deleted virtually all virtual SIMs and e-SIMs, along with their accounts, users, IDs, and bot farms—tens of millions of accounts.
In early August 2021, the Telegram team donated the original GitHub repository and the ton.org domain to the TON Foundation, an open developer community.
In August 2021, Durov received French citizenship.
 
 
March 6, 2022 - Crosser Bot "hack"
In May 2022, a hint of paid features was discovered in the messenger's description, as the phrase "Telegram is free forever. No ads. No subscription fees" was replaced by "Telegram provides free unlimited cloud storage for chats and media."
On November 10, 2023, the Wallet cryptocurrency bot was launched on Telegram.
June 6, 2024, Telegram STARS launch.
July 3, 2024, Major launch.
On August 24, 2024, Pavel Durov was detained upon arrival from Azerbaijan at Le Bourget Airport in France.
On December 28, 2024, the Open League bot was hacked.

Dubaiing

Having moved to Dubai, Pavel, an undeniably talented developer and businessman, set a new standard for success. While the rich, beautiful, and successful had long ago decided on vacation spots, the question of work locations was still open. London, Zurich, Bangkok, New York, Moscow, Beijing—each had their own location, depending on their connections and needs. In 2018, Durov moved the core team to Dubai, while a few remained working remotely for various reasons. As we recall, in 2018, work was in full swing on the TON blockchain and the GRAM cryptocurrency, which immodestly aimed to compete with Visa and Mastercard and was likely, if not to take off, then certainly to survive, given its unique asset—a popular messenger and a loyal audience. Back then, blockchain projects were seen as useful, but crypto remained niche. Do it well or don't do it well; there were few up-and-comers working on large-scale projects. Pavel's brother Nikolai and several other developers who joined the Telegram team from VK worked on the creation of the TON blockchain.
2020. Such a potentially powerful and uncontrollable figure on the financial board didn't sit well with the US government, and GRAM was prevented from going public, being passed off as a security rather than a cryptocurrency. Thus, Pavel Durov lost his investment money and the opportunity to monetize Telegram the way he wanted.
Nevertheless, the project was not shut down, and according to official statements in early August 2021, more than a year after the TON project's closure, the Telegram team donated the original GitHub repository to the TON Foundation, an open developer community, along with the ton.org domain , which previously housed information about Pavel and Nikolai Durov's aborted blockchain project. Pavel has always been generous to his friends, but from this point on, it began to reach a new level.
The second half of 2021 is seeing the popularization of a new standard of success. Developers of all levels, their girlfriends, friends, acquaintances, the wealthy and successful are starting to come to Dubai not for shopping, but for "work." After all, there's plenty of work to do, and a dedicated blockchain on which to launch any project. Meme tokens, NFTs.
Despite the TON cryptocurrency's release on exchanges, Pavel was hesitant to implement it directly in Telegram, limiting himself to adding it to @wallet. The creators of this bot, Pavel's friends, also received generous gifts. @wallet was added to the app's sidebar and effectively became Telegram's semi-official wallet. And the fact that he owns the @wallet nickname speaks for itself.
Big, easy money was still a long way off, so one application for the TON blockchain was... Tickets to Dubai crypto parties. At these events, those "close to the holy cow" shared insights, talked about their grand plans, boasted about success stories, and generally extorted money from those who wanted to get closer to them. Tickets to these events were minted as NFTs on the TON blockchain, and to receive an NFT, you had to link your personal WEB3.0 wallet. These NFTs were then even gifted to friends of friends ( NFTs have no real-life value, mind you ).
For those who don't trade crypto or understand the market at all, it's important to understand that various meme coins began to emerge—essentially shell assets with their own Telegram groups, large followings, and a fair amount of advertising mentions. Upon listing on an exchange, their prices soared by 4, 5, or even 10X, only to plummet immediately afterwards. The classic hamster-shaving cycle repeated itself over and over again: these projects emerged, instantly gained popularity, rose, and then fell.
But don't confuse scam coins with meme coins. While both formats are essentially unsound, meme coins can last for months, even years. They can be used in various charitable projects, while rising or falling in price as they gain popularity. Scam coins are literally scams; only the creators can profit by selling them at the highest price, leaving naive "investors" penniless.
For those who've been using Telegram for a while, and by "long" I mean at least since 2017, the changes in Telegram over the past year and a half are quite obvious. And these changes are far from for the better. From a user-friendly messenger whose functionality WhatsApp simply destroyed, from talk of a unified workspace within the app, Telegram has increasingly moved toward kitsch—empty but beautiful, unnecessary but popular. The only useful thing about Premium is the lack of ads. The main updates are focused on reactions, stories, stickers, mini-ups... and STARS. STARS, of course, the long-awaited monetization of Telegram. But we'll talk about that later.
And now, the next chapter.

Start

The Open League (TOL) is a competition between projects and users in the TON ecosystem. Projects attract new users to TON, and users are rewarded for their activity. It is designed to increase user engagement in the ecosystem, help projects expand their user base, and develop more attractive and functional products ready for the wider Telegram audience.
28.12.2024
The main Open League bot was hacked. TON, of course. All the data was leaked.

 

 
Despite the seriousness of the event, it went unnoticed. Whether it was the New Year or a reluctance to stir up trouble, the fact remains. The flawed development and implementation of so-called "Web 3.0" projects, especially those originating from the Dubai-based TON team, poses a serious threat. Many of these projects use internal transactions, which are often poorly implemented. For example, there's a risk that Telegram user IDs could be embedded directly into transaction comments. This creates additional opportunities for mass deanonymization, which could lead to serious consequences for users. Although, why risk it? That's exactly what happened.
They literally dumped everyone. All the organizers of crypto parties, all the participants. The entire TON leadership, all the NFT ticket holders.
I'll attach a deanon for credibility:
1. id: 191832936
2. @mironpuzanov
3. Miron Puzanov
4. Ecosystem Manager - TON Foundation
If something similar had happened at the team level—on the Bitcoin or Ethereum networks—the outcry would have been incredible. Crypto enthusiasts are well aware of the website Bitcoin Obituaries, which ironically collects and counts all the news stories "predicting Bitcoin's death" after this or that event (it's died 477 times, in case you're wondering). Perhaps such an incident within the Bitcoin team could have truly buried it. But apparently we're no longer talking about blockchains and cypherpunks when we're talking about TON.
Cypherpunk is a movement that emerged in the early 1990s that advocates the use of cryptographic technologies to protect privacy and human rights.

To summarize

Linking identifiers and wallets
One of the fundamental principles of cypherpunk is the unlinking of identity to assets. But here we see a direct link: usernames (clearly Telegram ones), IDs, and wallets. This puts an end to users' anonymity and makes them a potential target. What's stopping someone from now accessing other data or linking it to real identities? Nothing.
Centralized control over data
The cardinal sin of decentralization is storing sensitive data in centralized databases. That's what happens when someone decides it's "more convenient." One leak, and all that "security" is ruined, and with it, your reputation. Cypherpunk is nervously smoking on the sidelines.
Unjustified data collection
Why store such information at all? Especially in a format where the username is linked to an identifier and wallet. If we're talking about decentralized systems, such data collection is inherently contrary to the very idea.
No protection against failures
Where's the hashing? Where's the data masking? Even if this database was intended for internal use, the data could at least have been masked so that it couldn't be directly compared.

Consequences

Deanonymization of users
If a person has linked their crypto wallet to an account linked to real data (for example, a Telegram username), all their financial activity becomes public information. And then it's a matter of technique: a little OSINT, and you can even find the person's address.
OSINT (Open Source Intelligence) is the process of collecting and analyzing information available from open sources to extract intelligence.
Target for attacks
Users whose data ends up in this database become potential victims. Phishing, social engineering, account hacking—there are countless scenarios.
And since such a leak has occurred, and the data is now publicly available, it is the direct responsibility of the osinters to analyze and systematize this data.

@Roxman

I didn't notice the famous Roxman for a long time. But I followed him, read him, and analyzed him. Roxman is also the founder of Major and several other "projects."

 

July 2019

 

Roxman created a Telegram account. He would later "buy" Ruslan Odzoev's account with ID 25.

March 2022

 

Munich is Munich

 

It looks like the @Soon account used to belong to the wife.

 

He's a real hero, a real reaper, and a real piper. And even @major_supp. He's a real one-man band.

 

We need to look at his interests. It seems to me he is a dissident.

 

Abdurakhman doesn't like Kadyrov. What does he read from his personal account?

 

 

1ADAT found.

1ADAT is a Chechen opposition movement led by Ibrahim Yangulbaev. It gained notoriety thanks to a Telegram channel whose authors criticize the head of the Chechen Republic, Ramzan Kadyrov.

 

In general, it was after 2022 that Roxman found himself on the run in Ukraine.
And it won't even lose contact with Ukraine in 2024. We need to figure out how to cash out the hryvnia.

 

 
June 2023

 

In June 2023, a short test had to be taken on the @Roxman channel.
But first, you need to subscribe to the channel. Some RAM

 

 

 
Ram is Ramzan. Brothers in the diaspora don't abandon their own. Blood is what unites.

 

Ramzan has been in high tech and Telegram for a long time. He creates his own bots.

 

 

Ramzan and Abdurakhman are connected. Their paths joined in July 2023.
Maybe earlier, but in July there are already traces.
 
July 2023

 

August 2023
Ramzan was in high tech, and in Telegram in general, long before Abdurakhman.

 

Ram and Pavel Durov definitely know each other. I think Abdurakhman got involved through his dear brother.
 

Ramzan was everywhere.

Telegram is fixing bugs based on Ramzan's tip.

 

I managed to keep up with all the trends, so to speak.

 

 

Ramzan and Abdurakhman playing games. August 2023.

September 2023

 

 

 
I'm not the only one who has this question. Why, Pavel?
This is September 2023, long before the launch and integration of MAJOR.
Perhaps Pavel Durov is in a dependent position. Like a Chechen security detail. Or some kind of gay incriminating evidence.
It’s hard to imagine that our St. Petersburg intellectual, raised in the best traditions of Valery Durov, would be friends with such types.
Or types. The dark ones, looking for a victim and a source of income to improve their financial situation. And buy themselves a Rolls-Royce like Askhab Tamaev's.
Do you know what the biggest joke is?
The thing is, these hackers from MAJOR are now the official verifiers for all of Telegram. And Pavel Durov personally gave them this authority. It's not hard to guess what will happen to your data.

 

Why is this appearing here? In the top 3 Telegram insider channels?

 

 
November 2023

 

The insider is organizing a joint prank with Roxman.

January 2024

 

Here, Abdurakhman mentions Pavel's business meeting, which he will also attend. January 19, 2024.
April 2024

 

Of course, Ramzan is everywhere. On TON and even on OKEX. He sends transactions of 1,000 TON.

 

I didn't have to search for long. There were almost no coins or money left.

 

 

And this is basically confirmed by Abdurakhman's leaks from the MAJOR app. Here are the top 50 wallets. And only the top 30 and above (out of a million) hold balances in tones exceeding 5,000 USD. A simple homeless chain.

 

 
Let's take a look at the technical wallet , which is linked to three Telegram IDs in the app. The second one on the list has a balance of 15,676 tones. This is Abdurakhman's.

 

It contains majors worth 90k USD and 90k USD in tones for today.
May 2024

 

 

 

What do you mean, "Durov played it and gave us a nickname for 250,000 USD"? How does that work?

 

Telegram usernames are expensive these days. Well, okay, that's all for our own. For everyone else, it's up to the law.

 

Ramzan participates in all of Pavel's movements.

June 2024

 

Abdurakhman is given a beautiful anonymous number for $20,000. Who is it...?
August 2024

 

 
On August 20, 2024, Abdurakhman posts stories from Azerbaijan. Pavel, and likely Yulia, are also there at the same time. They then fly to Europe simultaneously.
 
September 2024

 

 
Strange actions of Pavel, for the sake of DEAR BROTHER.
November 2024

 

 

 

 
Andrey Grachev and DWF Labs are obviously involved in all this chaos. They're the ones handling the listings, consulting on tokenomics, and the principles that need to be followed to maximize the appeal of the CIS audience.

How has Abdurakhman been traveling for 15 years? If he's really 27, then minus 15—that means he's been traveling since he was 12.

 

 
Apparently, Ramzan was an early insider on all of Pavel Durov's topics. He was ahead of everyone else, of course. Naturally, he made a good living. And you have to understand that this is Ramzan's public profile, where he posts his thoughts, cars, and landscapes. There must be other personalities and subpersonalities, too.

What can be learned from the drain?

We have a database of all Telegram IDs of MAJOR users on the TON blockchain.
Attention, question:
How do we find a user and match everything? That's right, use MAJOR's own API.

 

And voila, we have the wallet address of the Head of APAC | TON Foundation.

@k0xinga
EQCt9nvwnGKQhiFFT2ShQ4RgH95i-oneQAUvXyy-pqLc9x0E
UQCt9nvwnGKQhiFFT2ShQ4RgH95i-oneQAUvXyy-pqLc90DB
There are 5 thousand USDT on the balance.

 

 
And if you're asking who's constantly pouring into the glass, you shouldn't have any doubts. Dubai penthouses, luxury apartments, and Hermès saddles aren't going to buy themselves.

 

 

 
2.7 million records have already been leaked from a multitude of tapalok.
All of them, with absolutely complete, 100% detail and deanonymization, are located in a number of Telegram chats and channels.
1. The wallet number is linked to an ID or @username.
2. This same wallet number will then lead us, through the delivery databases leaked by Ukrainian hackers, directly to the individuals.
3. Addresses, passwords, names, passports, SNILS, TIN. Relatives, phone numbers, cars, real estate, flights.
Thus, not only the top TON scammers were deanonymized, but I would say all active users of this Dubai blockchain. You connect a wallet, enter a secret word, and receive an NFT for participating. That's how it all started. They also hold events similar to Ton Dubai. The principle is the same: fill out a form, pay, and receive a ticket. As a side note, I'll point out that among the 2.7 million wallets and usernames leaked, there will naturally be duplicates, as some were claimed multiple times. So please don't think there are that many people on the TON blockchain.
 
I believe there are significantly fewer of them. Blockchain analytics in tapalki looks something like this.
 

This is Abdurrahman's wallet. And all his actions.

UQBZ1Lzyfx81Vph2EL2jsQk9pzqo3SC5wit6OyS23ZrUO_xH
Let's attach Abdurakhman's second secret wallet. Based on the connections obtained in his own app. Oh, and where did the rich kids go? Doesn't the CEO trust his own token?
 
 
Abdurakhman's drain of his own token was at the bottom, so that, apparently, another bottom would appear.

 

@major_supp
As we already know, this is one of Abdurakhman's accounts, the one he used to confirm transactions. I emphasize, this was a self-dumping of his own app. Few people understand the tricky part about anonymous numbers, which are so anonymous thanks to Abdurakhman that once you rent them out to Major, you immediately link your Telegram ID/@username to your TON wallet, and this data is publicly visible—for everyone.
And now Abdurakhman's friend is selling his coins before they are covered in leaves.
Wallet: 
UQApIZ9MgeLvwHkwKEKnBQXbMvfXoZ00PqbYyU6bT8B0IHv9
Received coins:
Sold coins:
Friend Roxman @unixtux, hammers into the glass when the coin has not yet been listed.

 

And right now, we need to figure out who @unixtux is, who also happens to be the admin at memhash. Yes, that same memhash that "got it in two days and no ads."

@UNIXTUX

Judging by his interests, @unixtux is a fairly strong developer.
 

 

 

 

 

 

 

 

His interests are quite broad, and I think they say a lot about the person. There was also information that he uses the nickname /dev/null .
 

 

 

Let's remember the nickname - Chakra-Rip. Quite rare.

 

It is the chakra-plucker / @unixtux / @id2xx, who is also the best friend of Roxman, and now Pavel Durov, who is the developer of MAJOR and MEMHASH

 

And it was @unixtux who added our second secret friend to the Ukrainian cyber group CAS. Do you know why he added our friend there? Because he works there.

 

What is CAS?
Article 1
- Article 2
Chakra-Puller is buying the username @kvant for whom? For our second very important secret friend.

 

A beautiful coincidence in nicknames. Don't you think so?
1. @id2xx is Chakra-Puncher. @unixtux. Right-hand man of Roxman. Ukrainian hacker involved in all high-profile hacks and data leaks in Russia in recent years. Member of the CAS group. Admin of MEMHASH. Developer of MAJOR.
2. @id9xx is his friend, Quantum. He was invited to CAS by Chakra and worked with them for a while. Of course, in Russia and Belarus.
Please explain why Roxman, Ramzan and the combat cyborgs from Ukraine are parsing 11 thousand open Telegram groups, hoping that there will be more Russian speakers there?

Hacking the Crosser bot

These are events that happened three years ago, right after the start of the SVO, with the well-known crosser_bot.

 

 
Of course, the bot wasn't hacked. One of its admins apparently got overwhelmed by the news and began posting in hundreds and thousands of channels where he was an administrator. He posted various pro-Ukrainian, anti-war, and anti-Russian messages.
I believe that the chakra-ripper was most likely already involved with this bot back then, and I'll explain why now.
Back then, every channel purchased ads almost manually and very often received bots. The practice was such that it was practically impossible to get ahead on Telegram in 2017+ without a budget of, say, $300,000. Half of the budget was obtained through bots, depending on the contracts, guarantors, situation, topic, and author. I think many of these bot farms most likely belonged to Chakra.
What does @crosser_bot have to do with this?
I think it belonged to him too, as a talented developer and early telegrammer.
What was the point?
Every channel was "boosted." Sometimes with rapid bot uploads, 10, 200, or 500 thousand. Sometimes slowly, 50, 100, or 1,000 a day. Deleting them was impossible. Telegram wouldn't even let you see the subscriber list.
The crosser was salvation. All it took was a small bribe to get a magic shield. And the bot would either repel the flooding, or stop it altogether. "We don't bother those who pay." I think that was the tactic. Meanwhile, all the other admins—hundreds, thousands, tens of thousands of Telegram channels—were struggling every day, fighting spam attacks. Meanwhile, Telegram support believed that the author was the one running his own bots and could easily remove the inflated channel. Where should you go? That's right. Crosser.
This is a highly professional, well-thought-out, logically correct, and well-made bot. There are only a couple of people in the entire world capable of such a thing today. Naturally, they're targeting Russia. As soon as the author or admin stopped paying to renew their subscription, they'd be immediately bombarded by tens and hundreds of thousands of bots. Sometimes they were high-quality—with avatars, usernames, full names, and bios. Sometimes they were just some obviously Iranian, Indian, or poor Asian traffic. Pay up.
This practice was likely prevented right here, on June 11, 2021, by someone on the Telegram team, when Telegram deleted tens of millions of accounts with virtual numbers. I don't know the intentions behind it.
But the fact is that Pavel Durov today—with the help of @Roxman and @unixtux —has done the same thing, only for millions of dollars. And the person in charge of this entire enterprise is none other than @unixtux himself.
My opinion is that he's extremely talented. And most likely, he's been around for years. He's obviously from Ukraine. And, to put it mildly, he's anti-Russian.
I think he was the @crosser_bot admin who formulated it, came up with it, described it, wrote it, and released it into production. And only later did he realize he needed to start racketeering bot farms against Russian Telegram admins. After that, either he or his bot operator lost their nerve and sent out corresponding messages to all chats and channels where @crosser_bot was an admin.
And if I'm right, then the combat cyborg did the same thing today. True, this time with the assistance of @Roxman. Who, apparently through Ramzan, contacted Pavel Durov and proposed creating the largest bot farm named after Pavel. Selling ads, traffic, STARS, reactions, views. And even simulating Telegram's performance by inflating its metrics—probably for a successful IPO, raising funds through bonds, and, of course, selling TON to cultists who need to see activity in hundreds and thousands of TON inflated channels. In various tapaloks, apps, and even news channels. So that everyone can see that Pavel is very big, very strong, powerful, and popular. We definitely need to give him money.

Introducing @roxman and unixtux

Most likely, it was in Ukraine, where Rox was in transit to Munich.
Apparently, this is some kind of collaborative blog . Lots of discussions.

 

 

July 28. Aktau, Kazakhstan.

 

 

 

The question is asked by Roxman from his second account.

 

I think @roxman and @unixtux run this blog together. The former posts neural networks and technology. The latter posts verses and news from Palestine.
Apparently, our genius is banned from entering the country. Perhaps because of his recent jobs.

 

Or political positions. He is the foundation of MAJOR. Or rather, the executing logical brain of the project(s). The driving creative force is apparently @Roxman, a kind of Chechen passionary.
There is no need to comment here.

 

STARS

 

 

On June 6, Pavel launches the stars.
A month later, Abdurakhman launches #MAJOR

 

I think the scheme looks like this.
STARS are being purchased en masse around the world using cards with a 30% commission. They're available in the App Store and Google Play, and anywhere Visa and Mastercard are valid. After that, the task is quite simple: bypass the 30% and effectively earn it. Pavel has written many times that he'll recoup that 30% if it was spent on advertising on Telegram. Meanwhile, Apple and Google (read: NATO members) don't lose anything. Pavel pays out of his own pocket, offering a sort of discount.

 

Thus, we have an unlimited supply of non-cash funds worldwide, which are used to buy STARS. After which, apparently, they are used to buy advertising. It's a kind of market. An exchange.
1. You need to find those who need to cash out the cards.
2. You need to find those who need to receive advertising on Telegram.
The delta is very large – 30%. However, another 5-10-15% can obviously be written off from those who want to move into crypto or cash. And those who want advertising can apparently be given a discount off the official advertising price from providers. Durov, of course, is not involved in such matters – all this is done by third-party companies that understand how to make money.
1. By attracting funds for Pavel from all over the world to his accounts and acting as his de facto exclusive managers with huge discounts.
2. By establishing a supply chain and providing services for the gray conversion of non-cash funds into crypto with minimal losses, through advertising, numbers, TON, or other means where permitted.
The more cashless transactions are considered gray or black—carding, for example, gray payments, drugs—the more consumers will be willing to pay for cashing out. In fact, I think the price could reach up to 20%. So, we're looking at 30% from Pavel and 20% from the carders. Can you make 50%?

 Basic elements of the circuit

Bulk purchase of STARS via cashless payment
STARS are purchased with cards through the App Store and Google Play with a 30% commission. This applies to countries where the banking system is stable and the cards are valid.
Compensation 30% from Telegram
Telegram states that it will reimburse 30% of the commission if STARS are used for advertising in the Telegram Ads system. Therefore, Telegram covers part of the costs.
Cashing out or converting STARS
STARS can be exchanged for advertising, cryptocurrency, or other digital assets. For example, Telegram ads purchased with STARS can be used to promote third-party services, creating a new revenue stream.
Exit to crypto or cash
Through Telegram Ads (advertising services), numbers (virtual or SIM), or directly through TON, STARS are converted into cryptocurrency (for example, through OTC transactions).
OTC transactions (from the English over-the-counter - "over-the-counter") are transactions with financial instruments (stocks, bonds, depositary receipts) concluded by the parties directly, and not through the exchange
Potential involvement of Roxman, his gang of bandits and the MAJOR project?
Major actively sells advertising and traffic for STARS. This creates a convenient "bridge" for those looking to legalize STARS purchased with cashless payments.
Major effectively acts as an intermediary in the scheme, providing a platform for using STARS and their subsequent monetization.
Bandits:
The role of such structures is to organize mass purchases of STARS using non-cash payments and cashing them out through advertising, cryptocurrency, and other channels.
Thus, our dear brother, Abdurakhman—Pavel's left-hand man, the near-CEO of Telegram—has, for a vast amount of money from various advertisers and advertisers, latched onto Pavel's bot farm. And what was worth literally nothing—he sold for millions.
The owner of FadeWallet confirms the relevance of the incident.
Meet @major.
2 advertising options:
  1. A folder next to dozens of other projects (one-click subscription and complete ignorance by the average user)
  2. A separate task (I quote) "with a guarantee of 3-5 million users for the app" (a huge gap, by the way)

 

All it took was finding people willing to pay crypto for advertising. Then:
- find carders and card material of a particular color or suit in a simple way
- buy STARS from them
- STARS send to Pavel for advertising
- appropriate the 30% delta
- take an additional 10-20% for cashing out (for example, the unknown StarsGram project , which already has 22k MAU).
- Get crypto from bloggers all over Telegram. The advertising market is quite large.
EUROCARDS -> STARS -> CRYPTO
In theory, a small, one-time spin, say a million, yields a margin of at least 30%. 300 units. A single spin of 1 million. The rest is up to you.

 

Moreover, STARS has some of its own internal hashes. Apparently, in some kind of closed form.

 

In the TON blockchain they are not beaten at all.

Just imagine there's no Explorer for all this crap. It's flying who knows where, who knows how. From whom and where? Somewhere on Telegram's servers.
STARS isn't a cryptocurrency, but a closed ecosystem, completely controlled by Telegram. Forget about blockchain, transparency, and control over your assets. Here, everything is decided by Pavel and his team. You don't have a private key, no anonymity—only pretty interfaces and dependence on internal bureaucracy. Telegram itself decides who can use STARS and who can't. This gives them complete control over participants and limits competition. Monetization is tied to Pavel's favor—if he doesn't like you, you'll simply be kicked out of the system.
I think Pavel deployed some kind of clever private blockchain to process STARS. Judging by TON, it was most likely a fork of Ethereum. Telegram knows everything: from the sender to the recipient, and all the amounts. It's all tied to IP addresses, geographic locations, metadata, email addresses, logins, passwords, and devices. All operations depend on the Telegram system. They can cancel, freeze, or change the rules. Your STARS belong to the system, not you.
About how STARS is made in Telegram:
1. The user entered the Transaction ID to initiate a refund request from the @Roxman app.
2. BotFather asks:
Whether the user requested a refund directly through the merchant bot using the /paysupport command.
This is a standard first step when having problems with payments.
3. The user confirmed: he already tried to do this, but the seller refused to return the STARS.
4. After the transaction, he was immediately blocked in the application (probably related to a bot).
5. When attempting to log in to the application associated with the service, the following error is returned:
 
I think you've already figured out which combat cyborg wrote the error codes for refunds to Ryushis from @Roxman's apps. So, @Roxman takes European bank transfers. Then he uses them to buy off celebrities. He takes 10-20% from those who need to cash out. These aren't necessarily old-school carders who take 5-10 minutes to withdraw money from a card before it's blocked. They can and are willing to wait 21 days or more for the cancellation. They call banks and go through authentication. Then he takes another 30% from Pavel. Then he takes money from guys like "Give Ton," who want advertising or promotion. In cash or crypto. And he combines all this into a single scheme.
With a profit of apparently 50% or more overall. With the support of all the top officials, the telegram was sent, including Pavel and his team.
With STARS, Telegram accomplished something other crypto projects couldn't—it gave the "token" widespread use to the masses.
Pathetic attempts to monetize through NFTs failed for Ethereum and BNB years ago, but Dubai's scammers decided to keep up the good work. The old don't remember, the young don't know—they have nothing to lose.
Total:
Retail and small wholesale customers use Telegram for STARS and can exchange them for cryptocurrency or payout to their preferred card at designated locations, minus a 10-15% fee.
Large wholesale orders bring talented managers a suitcase full of cash, waiting for the cash to be credited to their accounts. The Telegram team is happy to provide this cashless service for various channels, including advertising through TG Ads, subscriber acquisition, and app monetization. They sell anonymous numbers, rent them out, mint NFTs, trade them on marketplaces, and offer gifts. Just look at the many cool uses for STARS.
They created a currency. They created goods. They created a market. Everything is closed, everything is for their own people. This isn't even a "cash" button. Or a money printer. This is way bigger. And the scale is so vast that either they destroy this colossus, and Telegram along with it. Or they pin these businessmen down by one sensitive spot and take a tidy share. Whose intelligence agencies will be faster? Or were they?

P.S.

 

You've created a bot that does illegal things. Creating abusive bots can lead to your removal. You're banned from creating bots for a month. And here's an offer you can't refuse: in a month, be a good boy and create only useful bots (or don't create them at all), or you'll be permanently banned from Telegram.

The bot farm in action

 

Look how beautifully Mark @pyrouser uploaded my cart. With device loads approaching 100% CPU utilization.
And you know what?
2,000 messages from each bot. There were over 100 bots. And not a single one was spammed. They're all still active. No rate limits. The workers continue to bombard Telegram. And as he himself called this process, it was a teaser. Which once again proves that Pavel's entire bot farm exists under the direct patronage, orders, permission, and support of all Telegram's top brass.

 

A brief overview of the quality of channels that purchased bot traffic in the Major app.
All of these channels were sold as scams after the flooding, or were originally created for this purpose.
And this, by the way, is the national business of the crests.
I decided to check out the shared groups with Mark @pyrouser

 

Please note:
CAS. GladOS. Tginfo. Crosserbot. Antipov and the Eye of God.
Thousands of messages per minute – and not a single rate limit. Think about it, who understands what I'm talking about? And this bot farm is full of very functional accounts – of which Mark apparently has a lot.
How did he get them?
- by confiscating sessions from honest users—those who didn't have 2FA
- luring accounts through various distributions, gifts, invitations, and possibly sent documents
In general, it’s a very classic scam.
And you know, I dread to think how many real users there were in these hamsters or notcoins. Because the scale of the bot farms is simply staggering. There are literally tens of millions of accounts. Probably 50 million. Maybe even 100 million. 200-300 million? I wouldn't be surprised by anything anymore. Apparently, Pavel Durov was preparing Telegram for sale and really wanted to improve the statistics—and inflate figures he simply didn't have and doesn't have.
A surprise for Pavel's favorite app, MAJOR. Dirt, hohols, the SBU, farms, bot operators, millions of lines of leaked data. Slackers, defective data. Fraud. Everyone who leaked Major on OKEX using different wallets but with the same MEMO is now collected in this file .
Look in the database for MEMO 8655112 .
We're finding a withdrawal from 1,000 accounts to a single wallet, which is simply impossible, since the Major only allowed drops for donations and refs who donated. It turns out they not only took care of these bots, but also inflated their balances, while simultaneously ripping off users who weren't donating.
This is a typical @unixtux bot farm - thousands of wallets of which were ultimately transferred to the same OKEX account.
Would you like me to tell you another funny joke?
No, Telegram no longer provides IP addresses in GDPR export and does not display them in the session list.
"Telegram no longer provides IP addresses in GDPR data exports and does not display them in the session list."
This is nothing more than an attempt to avoid being sued for violating the GDPR. Pavel, who allowed hundreds of tapalok users, especially his friend and STARS scammer @Roxman from the MAJOR project, to parse and leak not only millions of @username <=> TON wallet connection strings, but also all other metadata. Although this is unlikely to help, and Pavel will soon face another couple dozen or hundreds of lawsuits with fines of 20 million euros and 4% of the turnover from the billions he himself announced and declared.

Endopia

Fintopio—I didn't even know what kind of scam this TON was. But I've been receiving it since around May 2024. Not as an advertisement, no, just to check it out.

 

Why is the billionaire and owner of @Fintopio buying up Durov's one-day ventures? At a high price, without bargaining. They're being bought by @deluxe.
He's buying openly, without any embarrassment. He's doing the same with two other phenomena of Pavel's air empire: the numbers and usernames on the Fragment platform. He's been outbidding virtually every bidder for the last year and stockpiling supplies, as if in case of a nuclear winter.

 

He stands at the distribution of tons from his endless wallet. And all this happens every day – for many months.

 

You can't go anywhere without MAJOR. @Deluxe is a close friend of @Roxman

 

Pavel is Le Du Rove. @Roxman became De Anon.
And Roman Novak modestly calls himself De Luxe. @Deluxe.
No one is hiding, all profiles, full names, photos - everything is honest and clear.

 

Let's look at Roman's ambitious plans.

 

In fact, Roman De Luxe has more users. And not all of them are high-quality.

 

They don't hire employees from Russia because of the "geopolitical situation"...

 

Roman Novak @Deluxe calls our friend Abdurakhman @borz — Brother.
Even before he launches MAJOR with combat cyborgs. In May 2024.

 

Of course, he also leaks all of his wife's information, including her last name.
Eroshenko.

 

 

It seems to me that the money is being given to Anna and Roman Novak by none other than this harmless grandfather.

 

Plain shorts. A regular T-shirt. No Luxe or De Luxe.
Grandpa has taste, unlike the younger generation. I could be wrong—I'm still checking. But Roman turned out to be a close friend of ours, @Roxman. And therefore, he ended up in touch with the Ukrainian combat cyborgs and the entire Telegram team.
What if Grandpa wants to gamble with his spare 200-300 million and invest in some of his son-in-law's startups? Say, @Fintopio. He's a family member, after all.

 

Roman is an investor. He invests in Pavel Durov. In numbers, in usernames, in STARS, in TON. In Telegram.

 

 

90% haven't heard of this scam and don't know anything about it. But the Fintopio News channel, of course, already has 7 million subscribers. And the bot has 1.5 million users in the last month.

 

I think Roxman uploaded Pavel's entire botnet here, since he's listed as a co-owner of Fintopio. And he took 100,000 USD in cash or crypto from Roman, meaning Anna, meaning Grandpa. Meanwhile, @Roxman receives STARS for the cashless transfer and uses them to buy ads from Pavel. Overall, he gets 40-50%.
By comparison, the godfather of all Telegram bots, @Botfather, has just over 2 million monthly users. And these figures are from all over the world, including India, Iran, and elsewhere. Which is much closer to reality:

 

By the way, it was Roman who gave @Roxman that number for $20K.

 

 

The Fintopio wallet is expected to launch sometime in spring 2024. Naturally, no one knows about it yet.

 

A certain Roman Novak, born in 1987, is for some reason wanted in Russia.
With document number 11901400038001080.
It's probably some kind of coincidence. Or an accident.
Rumor has it, but I'm inclined to believe it's quite true, that Novak raised over $10 million in Moscow, St. Petersburg, and Sochi on Fintopio. He fled to Dubai, developed and developed, and then needed to show metrics—and then the app started flooding with "visitors" from the Pavel bot farm. Investors aren't fools, and they started asking how much income he was getting from swap monetization (his only source of income).
A swap is an exchange of tokens between two parties or the transfer of crypto from one blockchain to another.
All swaps were previously processed through Changelly. Novak told his investors they had broken the 100,000 swap mark per day with an average transaction size of $1,000, which is, of course, nonsense. The investors are happy, but Changelly's CEO turns out to be a friend of the investor's grandmother's brother's mother. And at that moment, Novak @Deluxe's ​​ass is burned, because all the numbers are fake, and the swaps are suddenly disabled.
But Novak manages to find a new investor in Dubai for $30 million.
My guess is that this was his wife @Eroshenko's Swiss grandfather. By showing him fake numbers, he was able to sign up the old man. Again, thanks to the Pavel bot farm – controlled by @unixtux, @Roxman, Mark, and others.

 

 

Meanwhile, a certain Abuda was found in @Deluxe's ​​gifts.
Which, already in her stories, leads us to that very Ramzan, a close friend of @Roxman and Pavel Durov personally.

 

We're taking a closer look at the Instagram account of Roman Novak, CEO of the app Fintopio. He spends his wife's money on his own pleasures. She presumably receives it from her grandfather.

 

@Vipclub
What else could you call it? Luxury, VIP. Scroll down to post 1.

 

Our dear @Deluxe is driving, of course. Question: Who's on the right?

 

 

Then we accidentally go to Violetta Antipova's channel , Evgeny Antipov's wife. It's a public channel. And we find the appropriate angle in the video. Left arm. Triceps from behind.

 

We accidentally find an interview:

 

And I think this is it.

Everyone loves cats

What kind of cat is this? Do you think it's an ordinary cat?

 

The cat belongs (rumor has it) to a former colleague, @id2xx. Apparently, they worked together before.
Where can we find this cat? We'll find him in Lenka's stories. What a wonderful name.
And the username. @lenka

 

 

 

But we're most interested in where @lenka works and who she works for.

 

 

You know what's funniest about this completely surreal situation? That @lenka's current boss, Evgeny Antipov, also uses @Roxman's private chat. It's called RR. But what are Mr. @dmitry and @vihor, the Telegram developers, doing there? It raises some questions for me.

 

 
What a funny chat. Literally everyone's there. Mark, Elena, /null, Quantum, and even that hohol Mifuru. Apparently, @lenka moonlights on all the Telegram bots at once. Both for the FSB and the SBU.
Want another joke?
 
The cat's name is Chuck. See the paw in the hat there? Chuck. From the chakra ripper. Perhaps this isn't just a coincidence of colleagues—and collaboration. The admins of God's Eye and the Ukrainian cyber group CAS. Perhaps it's love.
According to @lenka, it's simple:

 

It's not entirely clear, though, how the top of the Ukrainian cybercriminal group CAS is giving Top God's Eye, who collects billions of tons of personal data from Russian citizens, his personal username for a cat for free?
@CHAKROVIRIVATEL
Let's take a closer look at the gifts received by Chakra-Ripper /dev/ null, a brilliant Ukrainian combat cyborg hunted by the FSB and Kaspersky.

 

The first gift from dear Brother @Roxman, of course.

 

The second gift comes from Mifuru.

 

The third gift to our CAS hacker comes, of course, from Elena from God's Eye, @Elenka. A little earlier, the chakra-puller gave her his personal username for posting a photo of his cat.

 

A gift from Ram arrives. That is, Ramzan. That is, he and @unixtux know each other and communicate.

 

@Vihor couldn't have been there without him. A top-5 Telegram developer is giving away a STARS gift to @Unixtux.

 

 

@dmitry

Why and for what does an important Telegram developer @dmitry receive a "Durov cap" as a gift from @Roxman?

 

 

@dmitry received gifts from @Roxman with numbers 1, meaning he minted himself some cool numbers; his entire profile is in the first series of numbers. I also think @Dmitry is the real owner of MAJOR, hiding behind @Roxman, who pretended to be a gigadeveloper. While @Unixtux did everything for him.
In the development of basically everything, not just in TON, there is a rule: developers test first.
I was curious – who created the marriage called STARS for Pavel? We'll try to find the first STARS transactions on the Ton blockchain.

 

Pavel announces STARS on June 6th. We're seeing demo tests from March 2024. But it's good that the Telegram developers aren't so stupid as to do everything from their personal wallets.

 

Of course, I was joking about “not so stupid”.

 

A certain Artem Kolnogorov is testing the STARS defect for Telegram four months before the announcement.

 

 

Sports programming at UrFU. Nizhny Tagil, with a planned move to St. Petersburg.

 

The dates of birth are very much ours.
The second nickname @Asmico turns out to be @Kolar. But Artem isn't that obvious. Wait, though.

 

I was joking.

 

Apparently @Kolar has been in the tone since about 2022.

 

Let's see where @Asmico's wallet was filled from and what he was doing there.

 

Some NFTs. And my second user. On a wallet signed by the Telegram Team.

 

Artem only stores his money on v3r2. At first, I didn't understand how tones were being spent from this address https://tonviewer.com/UQAuz15H1ZHrZ_psVrAra7HealMIVeFq0wguqlmFno1f3B-m (Telegram Team) if there were no incoming payments.
It turns out that there are receipts.
BUT IT'S HIDDEN IN THE EXPLORER https://tonviewer.com/ (with the "skipped" parameter). Explorer, of course, belongs to Rogozov's team.

 

Rate the joke. One identical transaction. Same tone. But does it reflect?

 

Completely different.
Conclusion? Dubai scammers have become so brazen that they've started wiping out Explorer.
They will soon start releasing patches and removing their flagrant transactions directly from the blockchain.
Who's funding all this stuff? The wallet is signed by the Old TON Foundation.

 

Apparently, either Pavel or Rogozov is in charge of the wallet. There's no one else.

 

The drains from the wallet go directly to OKEX. Hundreds of thousands of tones.
UQCD39VS5jcptHL8vMjEXrzGaRcCVYto7HUn4bpAOg8xqEBI
I'm interested in the last 2 conclusions.

 

We're seeing tones worth about $5 million. And the same birds we saw in @Asmico's personal wallet. Could just be a coincidence.

 

Who's getting 66,666 Ton? A custom user of the Dubai Get Gems scam? Who's @oleganza?

 

 

Apparently, this is the same Oleg Andreev who receives a salary of 66,666 TON from the Old Ton Foundation wallet.

 

The second ( https://t.me/Ghost_In_The_Block/30916 ) wallet apparently belongs to Rogozov.

 

I'd just like to clarify from which bot, and for what, does the unofficial CEO of MAJOR and part-time Telegram developer @Dmitry receive 84.125 TON? This transaction is worth ~462,000 USD.

 

 

 

 

 

And there are dozens of such transactions. Now let's calculate how many TONs they represent in total.

 

The funniest thing is, @Dmitry starts testing MAJOR itself even before the official announcement. And right at the launch, MAJOR receives 33,582 TON—directly from Telegram via their subsidiary Fragment. Apparently, this is a reward for the deep integration of Pavel's bot farms.
August 5 +33.585 TON
August 6 +4.745 TON
August 8 +2.044 TON
August 9 +3.536 TON
August 11 +6.426 TON
August 13 +3.129 TON
August 14 +2.256 TON
August 17 +3.145 TON
August 19 + 3.342 TON
August 24 + 5,880 TON
August 30 +3.604 TON
September 5 +4,620 TON
September 9 +3.354 TON
September 24 +5.896 TON
October 1 +6.099 TON
October 17 +6.763 TON
October 19 +16,930 TON
December 7 +45.329 TON
December 9 +84.125 TON
December 30 + 1.246 TON
The only recipient was @Dmitry, who, judging by everything, is simply nurturing Pavel along with Rogozov. He's using Roxman and Unix, while also directly owning the bot and charging Telegram for ad views or activity that essentially doesn't exist. Because these are all Unix bots.
In total, Dmitry Moskovsky @Dmitry received 246,054 TON ~ 1,353,297 USD .
Of course, everything was simply divided between their own and merged onto OKEX via direct transactions to MEMO 8648477.
Few people know, but Tonscan https://tonscan.org can show other versions of the same wallet. And of course, no one ever goes there or finds them. Except me.
Let's see what @Dmitry is doing on the second wallet. UQBUUkHPNWgpC6eNqXrxj5r_grMSOJhMFzhtHZCqUTkOqKT2

 

@Dmitry also receives rewards for his second wallet, not from bots, but from channels—tens, hundreds of thousands of TON tokens, all of which go into the OKEX order book.

 

MAJOR tokens are naturally sent to the order book. This time, they're being bought. Let's remember the MEMO: 18937517. It might come in handy.

 

At the same time, @Dmitry additionally stores MAJOR tokens in a third piggy bank.
Where is the 1.3 million major now ~540k USD.

 

I wonder what kind of channel @Dmitry runs that gets hundreds of thousands of tons.
Bottom line: Pavel is being robbed by Telegram's own developers, represented by @Dmitry. Literally millions of dollars, using cunning monetization schemes for bots and channels, which they monetize with bot farms, inflating activity, likes, and views. And Pavel pays for free bots from Unix and Roxman's farms. Hundreds of thousands of #TONs literally every day.
We need to calculate how much TON @Dmitry has scammed on the second wallet.
September 17 +9.026 TON.
September 19 +7.042 TON.
September 20 +4.490 TON.
September 22 +10.220 TON.
September 27 +7.276 TON.
September 29 +4.665 TON.
October 3 +4.951 TON.
October 5 +4.664 TON.
October 7 +11.117 TON.
October 9 +7.993 TON.
October 11 +6.758 TON.
October 12 +8.902 TON.
October 14 +19.441 TON
October 16 +13.608 TON.
October 21 +23.883 TON.
October 23 +15.781 TON.
October 27 +21.580 TON.
October 29 +28.131 TON.
October 30 +15.241 TON.
October 31 +18.289 TON.
November 1 +44.984 TON.
November 4 +12.049 TON.
November 7 +5.956 TON.
November 9 +14.975 TON.
November 10 +7.895 TON.
November 14 +13.929 TON.
November 15 +5.901 TON.
November 17 +10.398 TON.
November 22 +36.660 TON.
November 24 +50.217 TON.
November 28 +39.041 TON.
December 1 +16.785 TON.
December 2 +18.907 TON.
And every single TON ended up on @Dmitry's OKEX. MEMO 8648477. Let's summarize the above on Dmitry's second wallet.
The total amount of funds in the first wallet @Dmitry - the reward for the MAJOR bot is 246,054 TON ~ 1,353,297 USD
The total amount of funds in the second wallet of @Dmitry - a reward for "some channels" probably related to MAJOR - perhaps even for the channel @Roxman is 520,755 TON ~ 2,864,152 USD
This doesn't include MAJOR tokens—another hundreds of thousands of USD in Dmitry's known wallets. It turns out that @Dmitry robbed Pavel of 4 million USD out of nowhere, in just a couple of months . Because it's obvious that this whole scheme is a cashless-Stars-Crypto-Tone-Payment-Impressions-Advertising-Bots scheme and is managed by Unix, who helpfully offered Dmitry its services.

 

f course, every single token was dumped on OKEX. Wallet10. With personal MEMO @Dmitry 8648477. OKX wallet 10 is the only one I didn't have time to use. But now the issue becomes crucial.
 
Let's start with USDt. On the ton, of course. ~464,300 USDt Ton was withdrawn by Dmitry. MEMO 8648477.

 

Tones. First wallet. We've already counted them. 277,868 Ton ~1,528,274 USD

 

2 new technical wallets from Dmitry @Dmitry. Total: 4,078 + 17,999 + 13,639 TON. 35,716 TON ~ 196,438 USD .
EQALXHLikD-R5TBPZm7PFdyYvcWcMYlasm2EGsccq02N7PpE
EQCKv5iCJ1hpkXe8TY5gZZ8stDdlfsMjvxz6Y8crnYJWe_3X

 

Something new. Amounts in TON.
EQCXrZNESRUInoEiOP8Qq-kGbQsD6j26KoYw-5yfiKpFXPqY

 

I don't know whose wallet it is yet. But he's withdrawing through the same exchange account with MEMO 8648477.
The total withdrawal amount is 1,384,893 TON ~ 7,616,911 USD.
Another wallet from @Dmitry. 18,919 TON (~104,054 USD) lost per glass.
EQD1GUKYXQnbbPJF8QOQ5ieJ-Uv8mH7i38_TQ-lnSH5vNJIF

 

Two major losses on OKEX. A total of 1,302,818 tokens. I'm guessing at a rate of ~0.75. That gives us ~977,113 USD.
UQBUUkHPNWgpC6eNqXrxj5r_grMSOJhMFzhtHZCqUTkOqKT2
EQDV3FPAkxE-U97RrBilbxyzTd_Big1T7UTX9qoTcMrXnG_4

 

Well, that's about it. The total amount of leaks from the developer #VKCO - Telegram - Ton - MAJOR — @Dmitry, in dollars, is:

13.853.866 USD

Only one - his personal, proven MEMO on OKEX 8648477.
Looks beautiful. @Dmitry, what do you think?

 

Now I need to check Dmitry's bye-bit. I have one too, of course. 18937517
5,363 tokens were lost. But 572,000 MAJOR tokens were lost. Highs. Could have pocketed ~500,000 USD .

 

 
During the research process, it turned out that @Dmitry and @Roxman have the same MEMO—when they share "shmokkens" and "tons." No one would have guessed. Open the @Roxman address: borz.ton = 18937517
Either they have a shared wallet, or a shared exchange account, or @Dmitry is servicing @Roxman. Or vice versa. As you wish.

Results

Thus, pro-Ukrainian hacktivists have proven their penetration of all Telegram command centers, including extensive connections with influencers, Swiss billionaires, Chechen dissidents, and developers at all levels.
They communicate. They exchange gifts. They scam the CIS community on dashboards. They scam on OKEX. They scam on leaks, leaks, and big data. They work with the admins and top managers of the "Eye of God" project. They scam on Tone.
And they are the main developers and players in virtually all current projects—which Pavel Durov personally promotes and promotes. With the assistance of Mr. Roxman, whose right-hand man @unixtux is, according to numerous testimonies and evidence.
What does this mean? It means that all Telegram developers, including @dmitry and @vihor, are on the hook for @unixtux. They're waiting for the next thing to happen—they'll rip off investors in one or another project fueled by Pavel's bot farms. And they're saying they're large private investors who look at Pavel and Telegram's 7 million subscribers and believe that there can't be 5, 10, or 50 million bots.
AND THERE IT MAY BE!
And small retailers, too. Those monitoring activity and buying, say, NOT on the OKEX exchange. This applies to all apps, tapaloks, bots, coins, crypto projects, Telegram projects themselves, and the channels of top Telegram influencers. And it remains to be seen and understood how Antipov, the FSB's right-hand man at Telegram, is connected to the top brass of the Ukrainian cybercriminal group CAS, which has taken down numerous companies, organizations, and government agencies.
My question is this:
Why is Pavel covering for @Roxman?
Is anyone behind @Roxman? 
What does Antipov, the head of God's Eye, have to do with this?
Why hasn't the MAJOR scam app been removed? Even after all the slander and leaks.
Why are dozens of people who were scammed by advertising, for hundreds of thousands, probably millions of dollars, who were given bots, silent?
Why is the Telegram team so actively involved in everything, covering up, shielding, and allowing all of this? They understand everything, accept it, and do nothing.
Because such bot farms cannot survive without the support of Telegram and Durov personally.