CZ: Phishing wave hits crypto info sites, beware of wallet connections

2025/06/23 15:10

Changpeng Zhao just issued a warning, urging users to be careful when authorizing wallet connections as a wave of phishing attempts hits crypto info sites.

In his recent post on X, CZ issued a warning about a new wave of scams targeting major crypto information websites, urging users to be careful when authorizing wallet connections.

The announcement follows two recent hacks, the most recent targeting the crypto media outlet Cointelegraph, and the one before that involving the popular crypto price-tracking website CoinMarketCap.

https://twitter.com/cz_binance/status/1936991040420110834

On Sunday, Cointelegraph’s website was compromised by a front-end exploit, injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.” The pop-up urged users to connect their crypto wallets to receive nearly $5,500 worth of tokens. To add credibility, the attackers even cited a “fair launch” event and a fraudulent CertiK audit.

Cointelegraph immediately responded, warning its readers on X to avoid interacting with the fraudulent pop-up. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” CT wrote, adding that the team was working on a fix to resolve the issue.

The Cointelegraph incident came shortly after a similar attack on CoinMarketCap, which occurred two days earlier. In CoinMarketCap’s case, hackers similarly attempted to trick users into connecting their wallets via a malicious pop-up prompting them to “verify” them. Wallet providers MetaMask and Phantom reportedly flagged the site as unsafe at the time, according to users on X. CMC responded quickly, removing the injected malicious code and launching an ongoing investigation to strengthen its platform’s security.

In another recent scam just a few days ago, hackers similarly tried to exploit users’ trust in established crypto platforms by using fake Aave (AAVE) ads that appeared at the top of Google search results and directed users to phishing a sites mimicking the DeFi platform and draining connected wallets.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.