Cointelegraph Frontend Hacked After CoinMarketCap

Cointelegraph’s website was compromised on June 23, 2025, in a front-end breach that exposed users to pop-ups delivering phishing prompts. The injected JavaScript, labeled “inject.js,” appeared designed to steal crypto wallet credentials through deceptive transaction requests.

Security firm Blockaid and several users on X flagged the issue early. No losses have been confirmed, but the nature of the pop-up strongly suggests attempts at wallet draining.

As of this writing, Cointelegraph has not released an official statement. The site has returned to normal, but the lack of transparency has drawn criticism, especially when compared to the prompt response from CoinMarketCap just days earlier.

Src: Scam Sniffer | Web3 Anti-Scam

CoinMarketCap Breached Three Days Prior

On June 20, 2025, CoinMarketCap suffered a similar front-end exploit. A malicious pop-up prompted users to verify wallets, a common phishing tactic. The vector was traced to a doodle image linked via a backend API, which served modified JSON payloads embedding JavaScript.

CoinMarketCap acted swiftly, removing the exploit and posting a public warning. Wallet providers like MetaMask and Phantom marked the site as unsafe, while users were urged to revoke token approvals and avoid interaction.

No confirmed losses were reported. The code injection is believed to have originated from a compromised third-party vendor, possibly an ad network.

Shared Patterns and Security Gaps

Both hacks used malicious JavaScript to compromise the front end, exploiting trust in major platforms. Each prompted users to connect wallets or approve transactions under false pretenses. While no major funds have been confirmed stolen, the potential risk to user assets was substantial.

The key difference lies in response: CoinMarketCap issued a formal acknowledgment and root cause breakdown, while Cointelegraph’s silence has fueled speculation and concern.