Krutika Adani
Visitors were lured with a polished “CTG token” reward offer. The pop-up mimicked real promos—but was a front for wallet theft.
CoinMarketCap faced a similar attack just days earlier. Both incidents involved fake airdrops and wallet-draining scripts—planted through third-party ad systems.
Scam Sniffer flagged malicious JavaScript in Cointelegraph’s ad system, not core code.
By targeting ad scripts on legit sites, attackers bypass user suspicion. This stealth method is rapidly gaining traction.
As crypto sites rely more on ad partners, security gaps widen. More breaches are likely unless stronger safeguards are adopted now.