Cointelegraph Hit by Clever Pop-Up Scam: Here’s How It Happened
June 23, 2025, started like any other news day for Cointelegraph until it didn’t. The popular crypto news site was suddenly hit by a cyberattack that caught readers off guard. Anyone landing on the site was met with a pop-up screaming about a “prize” of 50,000 CTG tokens, supposedly worth $5,000. The catch? The token didn’t exist.
The scam’s real aim was to get users to connect their crypto wallets. Behind the scenes, a malicious script was ready to drain funds from anyone who took the bait.
How the Hack Worked
This wasn’t a break-in through Cointelegraph’s servers or editorial tools. Instead, hackers slipped malicious JavaScript into the site via a compromised third-party ad network, a tactic becoming more common in high-profile web hacks.
The code displayed a fake airdrop interface, complete with flashy branding, ticking countdowns, and all the urgency tricks you’d expect from a con artist. Scam Sniffer, a blockchain security firm, later confirmed the rogue ad network was the source of the attack, which appeared globally for readers.
Cointelegraph’s Response
Within hours, the company posted a blunt warning on X (formerly Twitter):
“Do NOT connect your wallet to any popup claiming to offer CTG tokens. Cointelegraph has not issued any token. We’re investigating a breach via third-party scripts.”
The vulnerability was patched quickly, though some users still reported losing funds before the fix went live.
Why It Matters for the Crypto Media Space
This wasn’t just another hack, it’s a wake-up call. Like CoinMarketCap’s incident earlier this year, the attack didn’t target the site’s main codebase at all. It came in through ads. These “Trojan horse” ad network exploits are tricky to spot and often breeze past regular audits.
Hackers also count on trust. Readers assume a site like Cointelegraph is safe, so when something appears on its domain, people are far more likely to click without thinking twice.
How to Spot (and Avoid) a Scam Like This
- No token exists - CTG isn’t listed on CoinGecko, CoinMarketCap, or any blockchain explorer.
- Big promises + timers - Rewards that seem unreal, paired with ticking clocks, are an instant red flag.
- Random wallet prompts - If you didn’t ask for it, don’t approve it.
What Publishers Can Do
- Audit and vet all ad network partners.
- Run ad scripts in isolated sandboxes.
- Use monitoring tools to detect unauthorized script changes.
- Act fast and be transparent as Cointelegraph did to limit harm.
The Bottom Line
The CTG “airdrop” was fiction, but the theft attempt was very real. Hackers piggybacked on trust in a well-known brand to push a wallet-draining scam. Whether you run a crypto site, invest in digital assets, or just read the news, keep your guard up. In crypto, trust can be your biggest vulnerability.