Cointelegraph Hacked Users Lose $5,500 in Fake Token Airdrop

Crypto news outlet Cointelegraph recently disclosed that its website was compromised in a front-end exploit, tricking visitors into connecting their crypto wallets and claiming a fraudulent token airdrop. The publication posted a statement on social platform X, acknowledging the fraudulent pop-up and assuring users that it was actively working on a fix. Cointelegraph urged users not to interact with any prompts asking for wallet access or personal information.

The fake pop-up deceived users by claiming they had been randomly selected for a new token giveaway as part of a “fair launch initiative” supposedly backed by Cointelegraph to reward loyal readers. A malicious JavaScript script was likely added to Cointelegraph’s advertising system to display a fabricated token price, promising each participant nearly $5,500 worth of tokens if they connected their wallet to the site. The pop-up also falsely alluded that blockchain security firm CertiK had audited the smart contract behind the token.

This incident is not an isolated case. Just two days earlier, a similar exploit occurred on CoinMarketCap, where visitors were exposed to fake wallet connection requests under the guise of “verification.” CoinMarketCap reported the breach on X, confirming that malicious JavaScript code had been injected into its front-end interface. The code has since been removed.

In response to these incidents, former Binance CEO Changpeng Zhao warned crypto investors to be extra careful when asked to connect their wallets to any websites. He highlighted that hackers are targeting information websites and advised users to be cautious when authorizing wallet connections. Zhao also revealed that on-chain analysis of the CoinMarketCap breach showed 39 victims had collectively lost approximately $18,570. He added that CoinMarketCap will reimburse all affected users.

In both the CoinMarketCap and Cointelegraph attacks, the hackers employed similar social engineering tactics. Users were led to believe they were receiving free tokens or were required to confirm their identity, only to have their crypto assets drained moments after granting wallet access. These incidents underscore the growing sophistication of phishing and front-end exploits targeting the funds of crypto and traditional finance users.

In June alone, there have been at least five incidents of phishing and front-end exploits. Blockchain intelligence firm TRM Labs recently reported that phishing schemes and malware-based attacks accounted for a significant portion of the $2.2 billion lost to crypto-related hacks in 2024. In May, crypto investors lost over $240 million through the same exploits.

The Cointelegraph attack comes against the backdrop of the disclosure by researchers of a massive data dump containing over 16 billion stolen login credentials. The compromised data reportedly includes access to popular platforms such as Google, Telegram, Facebook, and GitHub. This highlights the broader threat landscape facing users in the digital age, where personal and financial information is increasingly at risk.

In another related incident, blockchain security firm Hacken confirmed that a private key leak allowed a bad actor to mint and dump $250,000 worth of the firm’s native token, Hacken Token (HAI), causing its value to crash by approximately 99% over the weekend. According to Hacken’s security team, the breach involved an account with a minting role on both the Ethereum and BNB Chain networks. The attacker generated large amounts of HAI and immediately sold them on decentralized exchanges, tanking the token’s price from $0.015 to just $0.000056.