Cointelegraph Suffers Front-End Breach, Users Targeted by Fake Token Scam

Cointelegraph, a prominent crypto media platform, confirmed a front-end security breach on June 22 that exposed users to a malicious pop-up. The pop-up urged users to connect their wallets, a tactic aimed at deceiving users into granting wallet access, which could then be drained of assets. The incident involved scammers promoting a fake Cointelegraph token (CTG) and a counterfeit initial coin offering (ICO) campaign. Scam Sniffer, a blockchain security platform, first identified the compromise, noting the attackers' intent to deceive users.

The exploit was traced to a JavaScript payload embedded via the site’s advertising infrastructure. The malicious code appeared to originate from a domain resembling AdButler, though it had been recently registered and linked to a malicious script hidden within a banner advertisement. In response, Cointelegraph issued a public statement warning users not to interact with pop-ups promoting “CTG tokens” or “CoinTelegraph ICO airdrops.” The platform emphasized that it is actively investigating the issue and working to remove the malicious code. Users were advised not to enter personal details or connect wallets to any prompts on the site.

This incident follows a similar attack on CoinMarketCap just two days prior. On June 20, the crypto data provider experienced a front-end breach that resulted in a fake wallet prompt appearing on its homepage. CoinMarketCap traced the vulnerability to a doodle image linked to unauthorized JavaScript, which briefly disrupted the site’s interface. The message on each site differed, but both cases followed a near-identical delivery mechanism: a deceptive pop-up disguised as a platform feature. This may indicate a coordinated campaign targeting high-traffic crypto websites using ad-based JavaScript exploits.

Security experts pointed out that the twin breaches highlight a growing trend of attackers exploiting trusted platforms to execute wallet-draining schemes. As a result, they urged crypto users to remain cautious, avoid interacting with unknown dApps, and regularly monitor wallet activity to stay safe. The incidents underscore the importance of vigilance and the need for enhanced security measures to protect users from such exploits.