🚨BREAKING: Cointelegraph Website Compromised—Fake Token Airdrop Scam Exposed

Crypto news giant Cointelegraph became the latest victim of a brazen security breach—hackers hijacked its platform to promote a fraudulent token airdrop. Here's how it went down.

The Attack Vector: Bad actors exploited vulnerabilities to replace legitimate content with scam offers, luring users to connect wallets for 'free' tokens. Classic rug-pull setup.

Industry Fallout: Yet another reminder that even trusted crypto media isn't immune to attacks—especially when greed clouds judgment. (Who could've predicted that in a market fueled by FOMO?)

Damage Control: Cointelegraph's team scrambled to contain the breach, but not before countless users saw the malicious posts. Always verify, never trust—even the blue checks lie sometimes.

The Bottom Line: If it smells too good to be true in crypto, it's probably a scam wrapped in a Ponzi scheme. DYOR before you ape.

TLDR

• Cointelegraph website compromised by front-end exploit showing fake CTG token airdrop pop-ups promising $5,500 worth of tokens
• Attackers used fraudulent CertiK audit claims to make the scam appear legitimate and trick users into connecting wallets
• Similar attack hit CoinMarketCap just two days earlier using identical phishing tactics
• Both incidents part of growing wave of crypto platform compromises that hijack trusted sites to bypass user suspicion
• Phishing schemes and malware attacks accounted for 70% of $2.2 billion stolen in crypto hacks during 2024

Major crypto news outlet Cointelegraph confirmed its website was compromised Sunday in a front-end exploit that displayed malicious pop-ups to visitors. The attack targeted users with fake token giveaways designed to steal cryptocurrency from connected wallets.

The fraudulent banner claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens” worth nearly $5,500 to users. Attackers presented the scheme as a legitimate “fair launch initiative” to reward loyal readers of the crypto news platform.

The pop-up included fabricated token pricing information and falsely cited a security audit from CertiK to add credibility. Users were prompted to connect their crypto wallets to claim the supposed rewards, which WOULD have given attackers access to drain funds.

Cointelegraph quickly issued warnings on social media platform X, telling users not to interact with the pop-ups. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” the company stated while confirming they were working on a fix.

🚨 ALERT: We are aware of a fraudulent pop-up falsely claiming to offer “CoinTelegraph ICO Airdrops” or “CTG tokens” that are appearing on our site.

DO NOT:
– Click on these pop-ups
– Connect your wallets
– Enter any personal information

We are actively working on a fix.

— Cointelegraph (@Cointelegraph) June 23, 2025

The attack method mirrors an identical exploit that hit CoinMarketCap just two days earlier. In that incident, visitors saw similar wallet connection prompts disguised as verification requests before the malicious code was identified and removed.

Both attacks represent part of a broader trend of cybercriminals targeting crypto platforms through compromised user interfaces. The tactics exploit the trusted nature of established websites to bypass typical user skepticism about suspicious links or offers.

Growing Threat to Crypto Platforms

These front-end exploits have become increasingly common as attackers seek new ways to access cryptocurrency holdings. The method involves injecting malicious code into legitimate websites that users already trust and visit regularly.

Victims typically connect their wallets believing they are claiming rewards or completing verification processes. Once connected, attackers can immediately drain funds from the compromised accounts through automated smart contracts.

The timing of both attacks suggests coordinated efforts by the same threat actors. Security researchers have noted the identical presentation and messaging used across both the Cointelegraph and CoinMarketCap incidents.

According to blockchain intelligence firm TRM Labs, phishing schemes and malware-based attacks made up 70% of the $2.2 billion stolen in cryptocurrency-related hacks throughout 2024. These statistics highlight the scale of the ongoing threat to crypto users and platforms.

Recent Security Breaches

The Cointelegraph attack occurred just days after security researchers disclosed a massive data dump containing over 16 billion stolen login credentials. The breach included access to accounts on major platforms like Google, Telegram, Facebook, and GitHub.

Researchers believe the credential trove was assembled through infostealer malware, credential stuffing attacks, and previous data leaks. This type of stolen information often enables subsequent attacks on crypto platforms and user accounts.

The combination of compromised credentials and front-end exploits creates multiple attack vectors for cybercriminals. Users may face threats both from their stored login information and from visiting compromised websites they previously trusted.

Both Cointelegraph and CoinMarketCap have since removed the malicious code from their websites and restored normal operations.