- Crypto news outlet Cointelegraph has come under cyberattack.
- The hackers enabled a fraudulent pop-up falsely claiming to offer “CoinTelegraph ICO Airdrops” or “CTG tokens”.
- This is the latest in a wave of cyber security attacks against the crypto community.
Crypto news outlet Cointelegraph has confirmed that its website was compromised in an exploit used to promote a fraudulent token airdrop. This exploit marks the latest in a growing wave of phishing attacks targeting the crypto community.
In a statement on X, Cointelegraph acknowledged the breach, warning users against interacting with the malicious content.
“We are aware of a fraudulent pop-up on our website and are actively working on a fix,” Cointelegraph stated.
“Do not click on these pop-ups, connect your wallets, or enter any personal information.”
Cointelegraph
How did the breach happen?
The pop-up, posing as a “fair launch initiative,” falsely claimed users were eligible to receive nearly $5,500 worth of a new token.
It displayed a fake token price and falsely cited blockchain security firm CertiK as having audited the associated smart contract.
The method used mirrors a similar incident that occurred just two days earlier on CoinMarketCap, where users were shown deceptive pop-ups asking them to connect their wallets for identity verification. The malicious code which had been injected into the site, has since been removed.
What does this hack mean?
Both incidents highlight an escalating trend of front-end exploits being used to execute phishing schemes across major crypto platforms.
These attacks typically involve interfaces that prompt users to connect wallets under false pretenses leading to full access and asset theft by the attacker.
Phishing and malware-based infrastructure attacks have accounted for 70% of the $2.2 billion stolen in crypto-related hacks so far in 2024.
The Cointelegraph hack comes shortly after cybersecurity researchers uncovered a massive database of more than 16 billion stolen login credentials, reportedly compiled through infostealer malware, credential stuffing, and prior data leaks.
Security experts continuously urge users to remain vigilant and avoid connecting crypto wallets to unfamiliar or suspicious interfaces.