Cointelegraph Hit by Front-End Exploit, Fake Phishing Airdrop Pop Up on Website
Crypto media outlet Cointelegraph has confirmed its website was compromised by a front-end exploit on Sunday, with attackers injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.”
The fake banner urged readers to connect their crypto wallets in exchange for nearly $5,500 worth of tokens, citing a “fair launch” event and a bogus CertiK audit to lend legitimacy to the scam.
“Do not click on these pop-ups, connect your wallets, or enter any personal information,” Cointelegraph warned in a post on X, adding that it was “actively working on a fix.”
🚨 ALERT: We are aware of a fraudulent pop-up falsely claiming to offer “CoinTelegraph ICO Airdrops” or “CTG tokens” that are appearing on our site.
DO NOT:
– Click on these pop-ups
– Connect your wallets
– Enter any personal informationWe are actively working on a fix.
— Cointelegraph (@Cointelegraph) June 23, 2025
Victims are typically tricked into connecting wallets for token claims, identity verification, or loyalty rewards — only to have their funds siphoned immediately after.
The tactic mirrors a nearly identical exploit on CoinMarketCap two days earlier, where attackers embedded similar code to serve wallet phishing prompts.
In both cases, the attack relied on hijacking trusted platforms to bypass user skepticism — turning news and veri sites into unwitting vectors for wallet drainers.
