Crypto media outlet Cointelegraph has confirmed its website was compromised by a front-end exploit on Sunday, with attackers injecting a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.”

The fake banner urged readers to connect their crypto wallets in exchange for nearly $5,500 worth of tokens, citing a “fair launch” event and a bogus CertiK audit to lend legitimacy to the scam.

“Do not click on these pop-ups, connect your wallets, or enter any personal information,” Cointelegraph warned in a post on X, adding that it was “actively working on a fix.”

Victims are typically tricked into connecting wallets for token claims, identity verification, or loyalty rewards — only to have their funds siphoned immediately after.

The tactic mirrors a nearly identical exploit on CoinMarketCap two days earlier, where attackers embedded similar code to serve wallet phishing prompts.

In both cases, the attack relied on hijacking trusted platforms to bypass user skepticism — turning news and data sites into unwitting vectors for wallet drainers.