Cointelegraph has confirmed a front-end exploit on its website that promoted a fraudulent token airdrop aimed at stealing users' funds. The attack involved phishing pop-ups falsely claiming users were selected for a giveaway, enticing them to connect their crypto wallets under the pretense of receiving tokens valued at over $5,500. The incident follows a similar exploit targeting CoinMarketCap just days earlier, highlighting a rise in phishing attacks targeting crypto platforms. Cointelegraph has warned users not to interact with these pop-ups or provide personal information, stating they are addressing the issue. This attack builds upon a disturbing trend, with blockchain intelligence firm TRM Labs noting that phishing schemes accounted for 70% of the $2.2 billion stolen in cryptocurrency hacks in 2024. Furthermore, recent security news revealed over 16 billion stolen login credentials, potentially linked to malware and credential stuffing.

Source 🔗