In short
- Cointelegraph has confirmed that a front-end hack was used to operate phishing pop-ups to people who have access to the site.
- Coinmarketcap suffered a similar exploit days earlier.
- Victims are misled to connect their wallet to receive fake -Airdrops.
Crypto News Outlet Interconnect confirmed that the website was in danger in a front-end exploit that was used to promote a fraudulent token AirDrop and to steal from users.
It said In a statement on X on Sunday evening that it was aware of the “fraudulent pop-up” and “actively worked on a solution”.
“Do not click on these pop-ups, connect your portfolios [or] Enter all personal information, “warned.
Decrypt has approached Interconnect For comments.
The pop-up falsely claims that users have been selected for a giveaway action of a new token, supposedly part of a “fair launch initiative” by Cointelegraph to reward loyal readers.
It showed a manufactured token price and promised users a little less than $ 5,500 in tokens if they connect their crypto portfolios. It also claimed that security company Certik had checked the smart contract.
The method used reflects a similar front-end attack on the Coinmarketcap price aggregator, which took place only two days earlier.
In that case, visitors to the site saw pop-ups to request wallet connections to request verification purposes. Coinmarketcap later confirmed Malicious code had been injected into the site and it was deleted.
Both incidents represent a growing wave of phishing attacks on crypto platforms via compromised user interfaces.
In this scam, victims are lured under false pretensions in connecting portfolios – such as receiving tokens or confirming identity – and then see their bills emptied by the attacker.
According to Blockchain-Instichteringenbedrijf TRM Labs, phishing schemes and malware-based infrastructure attacks made up 70% of the $ 2.2 billion stolen in crypto-related hacks in 2024.
The Cointelegraph attack only comes a few days after security researchers made public A huge data dump with more than 16 billion stolen login details, including access to accounts on platforms such as Google, Telegram, Facebook and Github.
The trove was probably assembled from InfoStealer malware, reference filling and earlier leaks.
Edited by Sebastian Sinclair
Daily debrief Newsletter
Start every day with the top news stories at the moment, plus original functions, a podcast, videos and more.