🚨 Alert: Hackers Target Crypto Giants Cointelegraph & CoinMarketCap with Sophisticated Wallet Connection Scams

Crypto's dark underbelly strikes again—this time with surgical precision. Hackers are exploiting wallet connection protocols on two of the industry's most trusted data platforms. Here's how they're doing it.

The Bait-and-Switch Playbook

Fake 'Connect Wallet' popups mimicking legitimate UI elements are appearing on compromised ad slots. One click grants access to your hot wallet—no brute force required. Oldest trick in the book, now with Web3 execution.

Why This Hurts More

Unlike exchange hacks, these scams weaponize user trust in neutral information hubs. The irony? Victims were researching crypto safety when they got drained. Talk about adding insult to injury.

The Silver Lining?

Ledger users report transactions getting blocked when their devices detect mismatched domain permissions. Cold storage wins again—while hot wallet providers scramble to patch detection gaps.

Another day, another reason Wall Street calls crypto the 'wild west.' But let's be real—at least our bandits innovate faster than their 1980s-era stock frauds.

Crypto news website targeted, hackers use CMC tactics

The fake pop-up claimed that users had been randomly selected for a new token giveaway as part of a “fair launch initiative” supposedly backed by Cointelegraph to reward loyal readers. 

Per several reports on social media, a malicious JS script was likely added to CT’s advertising system to display a fabricated token price, and promised each participant nearly $5,500 worth of tokens if they connected their wallet to the site. 

🚨 The malicious JS code appears to come from Cointelegraph's advertising system.

Related files:
https://adbutlerserve[.]com/assets/inject.js
https://adbutlerserve[.]com/assets/90435885-4428-4fc3-ade0-378d793ea392.js pic.twitter.com/QbH7kaDBLx

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) June 23, 2025

The pop-up also falsely alluded that blockchain security firm CertiK had audited the smart contract behind the token.

As reported by Cryptopolitan, a similar incident was seen on CoinMarketCap just two days earlier, where visitors were exposed to fake wallet connection requests under the guise of “verification.” 

CoinMarketCap reported the breach on X, confirming that malicious JavaScript code had been injected into its front-end interface. The code has since been removed.

Zhao warns the crypto community to watch out for wallet connect requests

In an X post on Monday, former Binance CEO Changpeng Zhao told crypto investors to be extra careful when asked to connect their wallets to any websites. 

“2 days ago CMC, now CT. Hackers are targeting information websites now. Be careful when authorizing wallet connect,” Zhao said.

He added that on-chain analysis of the CoinMarketCap breach revealed 39 victims had collectively lost approximately $18,570. According to Zhao, CoinMarketCap will reimburse all affected users.

In both the CoinMarketCap and Cointelegraph attacks, the hackers used similar social engineering tactics. Users were led to believe they were receiving free tokens or were required to confirm their identity, only to have their crypto assets drained moments after granting wallet access.

In June alone, there have been at least five incidents of phishing and front-end exploits targeting the funds of crypto and traditional finance. Blockchain intelligence firm TRM Labs recently reported that phishing schemes and malware-based attacks accounted for a staggering 70% of the $2.2 billion lost to crypto-related hacks in 2024. In May, crypto investors lost over $240 million through the same exploits.

The Cointelegraph attack comes against the backdrop of the disclosure by researchers of a massive data dump containing over 16 billion stolen login credentials. The compromised data reportedly includes access to “day-to-day” popular platforms such as Google, Telegram, Facebook, and GitHub.

In other related news, blockchain security firm Hacken confirmed that a private key leak allowed a bad actor to mint and dump $250,000 worth of the firm’s native token, Hacken Token (HAI), causing its value to crash by approximately 99% over the weekend.

According to Hacken’s security team, the breach involved an account with a minting role on both the ethereum and BNB Chain networks. The attacker generated large amounts of HAI and immediately sold them on decentralized exchanges, tanking the token’s price from $0.015 to just $0.000056.

Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More