Crypto Website Attacks Surge as Trezor, CoinMarketCap, and Cointelegraph Face Exploits

A wave of cyberattacks has hit major cryptocurrency platforms, with Trezor, CoinMarketCap, and Cointelegraph all reporting security breaches over the past few days. These incidents, occurring between June 20 and June 23, 2025, highlight a growing threat to crypto users as hackers exploit website vulnerabilities to launch phishing scams and wallet draining schemes. The rapid succession of attacks suggests a possible coordinated effort targeting high traffic crypto platforms, raising concerns about user safety and the security of online crypto infrastructure.

On Monday, June 23, Trezor, a leading hardware wallet manufacturer, issued an urgent security alert after discovering that hackers had compromised its website’s contact form. The attackers used the form to send phishing emails disguised as legitimate Trezor customer support messages, attempting to trick users into sharing sensitive wallet backup phrases. Trezor quickly contained the breach and reminded users that the company never requests wallet backups via email, urging vigilance against such scams. The incident underscores the sophistication of phishing attacks, which leverage trusted brand names to deceive users.

Just a day earlier, on June 22, Cointelegraph, a prominent crypto news outlet, confirmed a security breach that exposed users to malicious pop-ups. These pop-ups promoted a fake Cointelegraph token (CTG) and a fraudulent initial coin offering (ICO), urging users to connect their wallets. Blockchain security platform Scam Sniffer identified the exploit, tracing it to a JavaScript payload embedded through the site’s advertising infrastructure, possibly linked to a domain mimicking AdButler. Cointelegraph promptly warned users to avoid interacting with any prompts related to CTG tokens or ICO airdrops, highlighting the risks of engaging with unverified website features.

The cyberattacks began on June 20, when CoinMarketCap, a widely used crypto price tracking platform, reported a similar attack. A malicious pop-up appeared on its homepage, triggered by unauthorized JavaScript embedded in a doodle image. The site’s security team identified and resolved the issue, which briefly disrupted the user interface by prompting wallet connections. Former Binance CEO Changpeng Zhao noted that 39 users fell victim to this attack, collectively losing $18,570, illustrating the tangible financial impact of these exploits.

A Pattern of Ad-Based Exploits

The attacks on Trezor, CoinMarketCap, and Cointelegraph share a common thread, with hackers exploiting website vulnerabilities to deliver deceptive prompts or messages. While Trezor’s breach involved phishing emails via a contact form, CoinMarketCap and Cointelegraph faced front-end compromises through malicious JavaScript, likely introduced via advertising networks. These tactics rely on users’ trust in familiar platforms, making the scams particularly dangerous. The use of pop-ups disguised as legitimate features, such as wallet connections or token airdrops, indicates a strategic approach to targeting crypto users’ assets.

The timing and similarity of these incidents suggest a broader campaign aimed at crypto websites with large user bases. Advertising infrastructure, often a weak point in website security, appears to be a primary vector for these attacks. Hackers exploit these systems to inject malicious code, which then triggers scams without immediately alerting site operators. This pattern raises questions about the adequacy of current security measures on crypto platforms and the need for stronger defenses against ad-based exploits.

Users are advised to exercise caution when interacting with crypto websites, particularly when prompted to connect crypto wallets or share sensitive information. Verifying the authenticity of emails and avoiding unsolicited pop-ups can help mitigate risks. As these attacks demonstrate, even reputable platforms are not immune to breaches, and user awareness is critical to staying safe.

The crypto community now faces heightened scrutiny as these incidents expose vulnerabilities in the ecosystem. With Trezor, CoinMarketCap, and Cointelegraph all targeted within days, other crypto platforms may also be at risk that we aren't aware of yet, so ongoing vigilance and improved security protocols will be essential to counter this in the future.