Cointelegraph Suffers Similar Cyberattack After CoinMarketCap – What’s Going On?

Crypto Reporter

Shalini Nagarajan

Crypto Reporter

Shalini Nagarajan

About Author

Shalini is a crypto reporter who provides in-depth reports on daily developments and regulatory shifts in the cryptocurrency sector.

Author Profile

Share

Copied

Last updated: 

June 23, 2025

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Users visiting the Cointelegraph website on Sunday were confronted with a deceptive pop-up claiming they had won token rewards.

The pop-up message appeared to be part of a legitimate Cointelegraph promotion and told visitors they had been randomly selected to receive 50,000 “CTG” tokens, valued at over $5,000.

The offer seemed polished and convincing, featuring the company’s branding and interface elements that mimicked real airdrop campaigns.

It included a countdown timer and prompts to connect crypto wallets, standard elements in genuine token distribution efforts. However, the entire experience was fabricated by attackers.

A similar front-end attack appeared on CoinMarketCap over the weekend.

Security Firm Flags CoinTelegraph Frontend Hack Originating From Ad System

Scam Sniffer, a blockchain security firm, flagged the breach and posted a public alert, warning that Cointelegraph’s frontend had been compromised.

“Please be cautious,” the firm tweeted, alongside screenshots of the injected code and the fake airdrop interface. The scam was likely designed to trick users into granting wallet permissions, ultimately allowing hackers to drain all funds.

Cointelegraph later confirmed the breach and issued a warning. The company urged users not to interact with the fraudulent pop-up and emphasized that it has never issued a “CTG” token or launched an initial coin offering. It also assured readers that a fix was underway.

According to Scam Sniffer, the malicious JavaScript code came from the site’s advertising system rather than its core infrastructure.

Hackers Shift From Emails to Embedded Ads as Scam Tactics Evolve

The file, served via Cointelegraph’s ad partner, contained wallet-draining scripts disguised as standard ad delivery code. This technique has become more common in recent months as attackers seek to exploit vulnerabilities in trusted platforms’ third-party systems.

The scam interface showed a fake reward worth $5,490 and labeled the transaction process as “secure,” “instant,” and “verified.” Once users clicked to connect their wallet, the script triggered a function that could initiate approvals and transfers without the user’s informed consent.

These types of attacks are particularly dangerous because they appear on well-known, trusted websites. Many users assume such platforms have adequate security measures and may let their guard down. This makes ad-based exploits far more effective than phishing links sent through email or social media.

Fake CTG Token Never Existed on Major Exchanges or Blockchains

The CTG token mentioned in the scam does not exist on CoinMarketCap, CoinGecko, or any legitimate exchange. Neither is there a record of it on Ethereum or other major blockchains. These red flags may be obvious to veteran users, but newer entrants to the space are often unaware of what to look for in a legitimate token offering.

Similar breaches have been reported across the crypto space. CoinMarketCap too experienced a comparable incident this month, where attackers embedded a wallet-draining link into a front-facing promo box on the site. In that case too, the compromise stemmed from third-party code, not the core platform.

As more crypto companies depend on external ad services, their surfaces for attack increase dramatically. Even if a platform is secure at the application level, malicious scripts delivered through external partners can easily bypass protections. The growing trend has prompted calls for stricter auditing of third-party integrations and more robust sandboxing of external content.