Jun 2025 - CoinTelegraph Website CTG Fair Token Airdrop Phishing - $Unknown (Global)
Founded in 2013, Cointelegraph is a privately held company specializing in cryptocurrency, blockchain, and fintech news. Cointelegraph is a leading independent digital media outlet. It delivers daily news, in-depth analysis, and educational content across various topics, including Bitcoin, Ethereum, decentralized finance (DeFi), non-fungible tokens (NFTs), and Web3. The platform is recognized for its comprehensive coverage, featuring expert opinions, price charts, and reports on the social impact of digital currencies.
Headquartered in the United States, Cointelegraph has expanded its presence internationally, with teams in over 30 countries. The company publishes more than 1,000 articles monthly and offers a range of resources, such as a mobile app, video content, and educational materials like "Cryptopedia" . Despite its prominence, Cointelegraph has faced criticism over the years for occasional inaccuracies and sensational headlines, which have led to discussions about its editorial practices within the crypto community.
In addition to its U.S. headquarters, Cointelegraph has expanded its global presence with offices in various countries, including China, Japan, South Korea, and the United Arab Emirates.
Visitors of CoinTelegraph were greeted with a pop-up advertisement which claimed they had been randomly selected to receive a free airdrop of new CTG tokens, with a reported value of $5,490 USD. The user was prompted to connect their wallet, which would likely be drained.
According to analysis from realScamSniffer, there was compromised JavaScript code coming from a third-party advertising software called "AdButler" on domain "adbutlerserve.com".
It's unclear if the advertising partner was compromised, or CoinTelegraph was tricked into applying JavaScript code which is from a fake advertising company. CoinTelegraph has attributed the failure to their "banner publishing system" being "briefly compromised".
It is unknown how many people fell victim to the CoinTelegraph website phishing.
After widespread detection and coverage, CoinTelegraph published a notice that they were aware of the issue on their website and working on a resolution.
CoinTelegraph was ultimately able to remove the malicious advertisement, and subsequently posted an update to that effect.
CoinTelegraph has not publicly offered any assistance for those affected.
There is no clarity regarding who was affected by the incident, or what was lost. It is unclear if any investigation is continuing.
Further Analysis
Cointelegraph, a prominent cryptocurrency and blockchain news outlet, suffered a security breach involving malicious JavaScript injected through a third-party advertising service called "AdButler" on the domain adbutlerserve.com. The attack was traced to the company's banner publishing system, which was briefly compromised. Although Cointelegraph acknowledged the issue and removed the malicious advertisement, it has not provided details on who was affected, the extent of the damage, or any ongoing investigation, nor has it offered support to potential victims of the phishing incident.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Rowan Energy Blockchain Closes Amid Fraud Allegations > > < < Infrared Finance Copycat On Base Access Control Drain Issue
Sources/Further Reading
SlowMist Team - "SlowMist TI Alert @Cointelegraph's frontend has been compromised. Stay vigilant!" - Twitter/X (Dec 31)
realScamSniffer - "CoinTelegraph's frontend has been compromised. Please be cautious." - Twitter/X (Dec 31)
realScamSniffer - "According to our data, we blocked this threat at approximately "2025-06-22T22:41:51.050Z"." - Twitter/X (Dec 31)
realScamSniffer - "The malicious JS code appears to come from Cointelegraph's advertising system." - Twitter/X (Dec 31)
CoinTelegraph - "Cointelegraph’s banner publishing system was briefly compromised on June 21, resulting in a malicious advertisement promoting a fake token airdrop on our website. The team identified and resolved the issue by removing unauthorized code that briefly affected our system. We have strengthened our security controls to prevent any similar occurrences in the future." - Twitter/X (Dec 31)
"ALERT: We are aware of a fraudulent pop-up falsely claiming to offer “CoinTelegraph ICO Airdrops” or “CTG tokens” that are appearing on our site." - Twitter/X (Dec 31)
About CoinTelegraph (Dec 31)
CoinTelegraph LinkedIn (Dec 31)
Cointelegraph Announces Chinese HQ, Bolstering Its International Expansion - CoinTelegraph (Dec 31)
CoinTelegraph Office Locations - Employbl (Dec 31)
Cointelegraph Company Profile 2024 - Pitchbook (Dec 31)
Cointelegraph Overview - SignalHire Company Profile (Dec 31)
Cointelegraph: Contact Information, Journalists, and Overview - Muckrack (Dec 31)
Another example why not to trust Cointelegraph - CryptoCurrency Reddit (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|