Digital Assets
CoinTelegraph's Website Faces Fake Airdrop Scam Days After CoinMarketCap Hack
Updated on Mon, Jun 23, 2025
Well, some of us have been there, too!
It’s surreal because the voice sounds quite convincing, the bank logo checks out, and the urgency feels real. Yet, before you know it, you’ve handed over your account access to scammers and can only watch your funds disappear.
Well, that’s voice phishing at play and is a rising concern, especially after what happened to users visiting the CoinTelegraph website on June 23, 2025.
Just as Bitcoin dipped by over 4% to $99,237 and Ether slid by nearly 8.5% to $2,199, fears were already swirling in the crypto market—then came this blow.
Unlike voice phishing, the leading crypto news site reportedly suffered a front-end breach, allowing scammers to inject a fake token airdrop directly onto its homepage. Visitors were lured into connecting their wallets to claim “CTG” tokens that never existed—only to have their assets drained in seconds.
This cryptocurrency breach comes hot on the heels of a scam targeting a similar website, CoinMarketCap, signaling a troubling rise in attacks on trusted platforms in the crypto world.
So, what really happened during the CoinTelegraph breach—and what should users look out for next?
Let’s take a look!
What Was The CoinTelegraph Fake Airdrop All About?
A fake pop-up appeared on CoinTelegraph’s official site, claiming users were eligible for a $275,000 “CTG” token airdrop as part of a supposed CoinTelegraph ICO.
It offered 50,000 CTG tokens, assigning a fake value of $5,490 to each—despite CTG being a non-existent token.
The interface prompted users to connect their wallets and submit personal information, a tactic commonly used to authorize wallet-draining transactions.
No official announcement or launch of a CTG token had been made by CoinTelegraph—making the pop-up a red flag for those familiar with crypto scams.
The scam mimicked the platform’s branding and UI, making it even harder to distinguish from a legitimate promotion, raising questions about the sophistication of the hack.
So, How Did The CoinTelegraph Attack Occur?
The breach appears to have originated through CoinTelegraph’s ad infrastructure, with malicious JavaScript code injected via its ad-serving system. This allowed the attackers to hijack the site’s frontend and serve phishing pop-ups to real users, without taking down the actual site.
The method mirrors the recent CoinMarketCap compromise, where attackers exploited the site’s homepage “doodle” image to inject similar malicious code.
In both cases, the pop-up only appeared during specific windows, likely to avoid early detection.
The pattern of attacking through ad systems or third-party assets highlights a broader vulnerability in the security infrastructure of popular crypto platforms.
What Did CoinTelegraph Say?
Once the hack was discovered, CoinTelegraph acknowledged the issue through its official social media channels and warned users not to interact with the pop-up.
The CoinTelegraph team urged users not to connect wallets, click any buttons, or share personal data. It also confirmed the CTG token was fake and that no airdrop or ICO had ever been planned.
Engineers are reportedly working to remove the malicious code and fortify their advertising stack to prevent further exploitation.
What Does It Say About The Crypto Landscape?
The recent incidents with CoinMarketCap and CoinTelegraph underscore the growing risk of wallet drainer attacks, shifting from sketchy links and phishing emails to high-traffic, legitimate platforms.
These attacks exploit consumers’ trust by leveraging ad networks, third-party scripts, and plugin integrations to bypass traditional cybersecurity protections. Similar attacks have already affected thousands of users, with reported losses from wallet drainers reaching hundreds of millions of dollars globally in the past year alone.
While Web 3.0 tools bring autonomy, they also place greater responsibility on users to be aware—even on trusted platforms.
Users can follow certain guidelines to ensure safety, such as avoiding connecting crypto wallets through pop-ups. Users should also cross-check any token or ICO announcement on multiple official sources before taking action (DYOR – do your own research).
Using browser extensions or wallet tools to detect malicious scripts or suspicious approval requests and staying updated on known scams and threats can be vital—after all, knowledge is a critical defense.
Do you think fake airdrops on trusted platforms can become the biggest risk for Web 3.0?
Let us know in the comments below!
First published on Mon, Jun 23, 2025
Enjoyed what you read? Great news – there’s a lot more to explore!
Dive into our content repository of the latest tech news, a diverse range of articles spanning introductory guides, product reviews, trends and more, along with engaging interviews, up-to-date AI blogs and hilarious tech memes!
Also explore our collection of branded insights via informative white papers, enlightening case studies, in-depth reports, educational videos and exciting events and webinars from leading global brands.
Head to the TechDogs homepage to Know Your World of technology today!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.
Loading comments...
.gif)
