Changpeng Zhao just issued a warning, urging users to be careful when authorizing wallet connections as a wave of phishing attempts hits crypto info sites.
In his recent post on X, CZ issued a warning about a new wave of scams targeting major crypto information websites, urging users to be careful when authorizing wallet connections.
The announcement follows two recent hacks, the most recent targeting the crypto media outlet Cointelegraph, and the one before that involving the popular crypto price-tracking website CoinMarketCap.
2 days ago CMC, now CT. Hackers are targeting information web sites now. Be careful when authorizing wallet connect.
For CMC, based on initial on-chain analysis, there are 39 victims with a combined loss of $18,570. @CoinMarketCap will cover all losses. https://t.co/egkekyjAYQ
— CZ 🔶 BNB (@cz_binance) June 23, 2025
On Sunday, Cointelegraph’s website was compromised by a front-end exploit, injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.” The pop-up urged users to connect their crypto wallets to receive nearly $5,500 worth of tokens. To add credibility, the attackers even cited a “fair launch” event and a fraudulent CertiK audit.
Cointelegraph immediately responded, warning its readers on X to avoid interacting with the fraudulent pop-up. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” CT wrote, adding that the team was working on a fix to resolve the issue.
The Cointelegraph incident came shortly after a similar attack on CoinMarketCap, which occurred two days earlier. In CoinMarketCap’s case, hackers similarly attempted to trick users into connecting their wallets via a malicious pop-up prompting them to “verify” them. Wallet providers MetaMask and Phantom reportedly flagged the site as unsafe at the time, according to users on X. CMC responded quickly, removing the injected malicious code and launching an ongoing investigation to strengthen its platform’s security.
In another recent scam just a few days ago, hackers similarly tried to exploit users’ trust in established crypto platforms by using fake Aave (AAVE) ads that appeared at the top of Google search results and directed users to phishing a sites mimicking the DeFi platform and draining connected wallets.
Source link