The post Cointelegraph Breach Sends Users to Fake Airdrop Wallet Drainer appeared on BitcoinEthereumNews.com.

Crypto publishing giant Cointelegraph has been the victim of a huge security attack, with hackers compromising its site by adding malicious code that redirected users to a fake airdrop pop-up—ultimately draining unsuspecting users’ wallets. The June 23, 2025, attack points to how much more sophisticated wallet-sucking scams are becoming and the necessity for tighter security protocols in the Web3 publishing sector. How the Attack Evaded Defenses The exploit started when hackers broke into Cointelegraph’s advertisement system, injecting malicious JavaScript code into the front-end of the website. In contrast to traditional phishing emails or social media DMs, this attack leveraged a trusted news portal, showing a compelling pop-up directly on Cointelegraph.com. The pop-up informed users that they had been “randomly selected” to participate in a new token giveaway, awarding 50,000 “CTG” tokens (worth over $5,000) as part of a “fair launch initiative.” The interface mimicked real airdrop campaigns, such as Cointelegraph branding, countdown timer, and requests to connect a crypto wallet. To appear even more legitimate, the scam quoted an imaginary CertiK audit and fabricated token price metrics. The malicious code was delivered through Cointelegraph’s ad partner, so it was essentially impossible for visitors to distinguish the scam from a genuine promotion. Once a visitor had connected his wallet, the script could automatically trigger approvals and transfers—allowing hackers to rapidly and quietly drain funds. Confirmed On-Chain Losses and the Size of the Attack Blockchain security firms like Scam Sniffer and SlowMist quickly alerted the attack, made public announcements, and examined the injected code. While a full scope of the damages remains to be tallied, on-chain inspection confirms that several wallets were drained in minutes of the attack going live. There isn’t any CTG token on any major blockchain or exchange, and no sign of an official Cointelegraph airdrop. The attack duplicated…

---

Filed under: News - @ June 23, 2025 3:28 pm