Cointelegraph Hit by Front-End Exploit, Fake Phishing Airdrop Pop Up on Website

What to know:

Cointelegraph's website was compromised by a front-end exploit, leading to a malicious pop-up offering fake 'CoinTelegraph ICO Airdrops' and 'CTG tokens.'

• The fraudulent banner urged users to connect their crypto wallets, falsely promising $5,500 in tokens, and cited a bogus CertiK audit to appear legitimate.
• Cointelegraph warned users not to click on the pop-ups or provide personal information, as attackers have used similar tactics on other platforms like CoinMarketCap.

Crypto media outlet Cointelegraph has confirmed its website was compromised by a front-end exploit on Sunday, with attackers injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.”

The fake banner urged readers to connect their crypto wallets in exchange for nearly $5,500 worth of tokens, citing a “fair launch” event and a bogus CertiK audit to lend legitimacy to the scam.

Taking a Page From 'Elon's Book': Mo Shaikh on His New $50M Fund

00:02

/

16:24

STORY CONTINUES BELOW

Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters

By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

“Do not click on these pop-ups, connect your wallets, or enter any personal information,” Cointelegraph warned in a post on X, adding that it was “actively working on a fix.”

Victims are typically tricked into connecting wallets for token claims, identity verification, or loyalty rewards — only to have their funds siphoned immediately after.

The tactic mirrors a nearly identical exploit on CoinMarketCap two days earlier, where attackers embedded similar code to serve wallet phishing prompts.

In both cases, the attack relied on hijacking trusted platforms to bypass user skepticism — turning news and data sites into unwitting vectors for wallet drainers.