EddieJayonCrypto
23 Jun 25
Crypto news site Cointelegraph confirmed its website was hacked via a front-end exploit that promoted a fake token airdrop to steal from users. The fraudulent pop-up falsely offered nearly $5,500 in tokens for connecting crypto wallets and claimed a security audit by CertiK. This attack mirrored a s...
Crypto news platform Cointelegraph confirmed its website was hacked through a front-end exploit that displayed a fraudulent token airdrop pop-up designed to steal users' crypto wallets. The scam falsely promised users nearly $5,500 in tokens as part of a supposed “fair launch initiative,” claiming a security audit from CertiK to lure users into connecting their wallets.
This incident closely followed a similar phishing attack on CoinMarketCap, where malicious code injected into the site generated deceptive pop-ups requesting wallet connections. Both attacks are part of a rising trend where compromised crypto platform interfaces enable phishing schemes that trick users into relinquishing wallet access, resulting in significant financial losses.
Blockchain intelligence firm TRM Labs highlights that phishing and malware attacks accounted for 70% of the $2.2 billion stolen in crypto hacks throughout 2024, emphasizing how prevalent and effective these front-end exploits have become. The Cointelegraph breach came shortly after a major data dump revealed over 16 billion stolen login credentials across numerous platforms, sourced primarily through malware and credential stuffing techniques.
Cointelegraph issued warnings urging users not to interact with the fake pop-ups, avoid connecting wallets, or providing personal information, while actively working on a fix to secure their website. These coordinated attacks underscore the importance for crypto users to remain vigilant and exercise caution, especially when prompted by unexpected giveaways or wallet connection requests on trusted platforms.