Changpeng Zhao has issued a warning, advising users to exercise caution when connecting their wallets, as a wave of phishing attacks is currently targeting major crypto information platforms.
In a recent post on X, CZ alerted the community to an uptick in scams affecting leading crypto websites. He emphasized the importance of vigilance when authorizing wallet connections.
This warning comes in the wake of two notable security breaches—one involving the crypto media outlet Cointelegraph, and another targeting the widely used price-tracking site CoinMarketCap.
On Sunday, Cointelegraph’s website fell victim to a front-end exploit that injected a malicious pop-up, falsely promoting “CoinTelegraph ICO Airdrops” and “CTG tokens.” The deceptive message urged users to connect their crypto wallets in order to claim tokens supposedly worth $5,500. To appear legitimate, the attackers referenced a “fair launch” and even included a fake CertiK audit.
Cointelegraph quickly responded to the breach, issuing a warning on X advising users to avoid interacting with the malicious pop-up. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” the team posted, adding that they were actively working to resolve the issue.
The incident followed a similar attack on CoinMarketCap just two days earlier. In that case, hackers deployed a fake pop-up prompting users to “verify” their wallets, aiming to trick them into connecting to a malicious site. Wallet providers like MetaMask and Phantom reportedly flagged CoinMarketCap as unsafe during the attack, according to users on X. CMC acted swiftly, removing the injected code and launching an investigation to bolster the platform’s security.
In yet another recent scam, attackers leveraged fake Aave ads placed at the top of Google search results to lure users to phishing sites that impersonated the DeFi platform. Once users connected their wallets, the attackers drained their funds, exploiting trust in well-known crypto brands.
