CZ: Phishing wave hits crypto info sites, beware of wallet connections

2025/06/23 15:10

Changpeng Zhao just issued a warning, urging users to be careful when authorizing wallet connections as a wave of phishing attempts hits crypto info sites.

In his recent post on X, CZ issued a warning about a new wave of scams targeting major crypto information websites, urging users to be careful when authorizing wallet connections.

The announcement follows two recent hacks, the most recent targeting the crypto media outlet Cointelegraph, and the one before that involving the popular crypto price-tracking website CoinMarketCap.

https://twitter.com/cz_binance/status/1936991040420110834

On Sunday, Cointelegraph’s website was compromised by a front-end exploit, injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.” The pop-up urged users to connect their crypto wallets to receive nearly $5,500 worth of tokens. To add credibility, the attackers even cited a “fair launch” event and a fraudulent CertiK audit.

Cointelegraph immediately responded, warning its readers on X to avoid interacting with the fraudulent pop-up. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” CT wrote, adding that the team was working on a fix to resolve the issue.

The Cointelegraph incident came shortly after a similar attack on CoinMarketCap, which occurred two days earlier. In CoinMarketCap’s case, hackers similarly attempted to trick users into connecting their wallets via a malicious pop-up prompting them to “verify” them. Wallet providers MetaMask and Phantom reportedly flagged the site as unsafe at the time, according to users on X. CMC responded quickly, removing the injected malicious code and launching an ongoing investigation to strengthen its platform’s security.

In another recent scam just a few days ago, hackers similarly tried to exploit users’ trust in established crypto platforms by using fake Aave (AAVE) ads that appeared at the top of Google search results and directed users to phishing a sites mimicking the DeFi platform and draining connected wallets.

Clause de non-responsabilité : les articles republiés sur ce site proviennent de plateformes publiques et sont fournis à titre informatif uniquement. Ils ne reflètent pas nécessairement les opinions de MEXC. Tous les droits restent la propriété des auteurs d’origine. Si vous estimez qu'un contenu porte atteinte aux droits d'un tiers, veuillez contacter service@support.mexc.com pour demander sa suppression. MEXC ne garantit ni l'exactitude, ni l'exhaustivité, ni l'actualité des contenus, et décline toute responsabilité quant aux actions entreprises sur la base des informations fournies. Ces contenus ne constituent pas des conseils financiers, juridiques ou professionnels, et ne doivent pas être interprétés comme une recommandation ou une approbation de la part de MEXC.