Binance’s former CEO, Changpeng Zhao (CZ), has warned about a new wave of cyberattacks targeting crypto data platforms.

This follows recent breaches at CoinMarketCap (CMC) and CoinTelegraph (CT) that exposed users to wallet-draining phishing schemes.

The CMC and CT Attacks

“Hackers are targeting information websites now. Be careful when authorizing wallet connect,” CZ said in a post on X. He pointed out that CMC was attacked just two days before CT was hit with a similar breach.

The trouble began on June 21 when CMC users started seeing a pop-up that said “Verify Wallet” and asked them to connect their crypto wallets. Members of the crypto community on X quickly flagged the notification as a phishing attempt designed to deceive victims into revealing private keys or sensitive information.

Shortly after the reports spread on social media, the platform acknowledged the malicious notification on its account. “We’ve identified and removed the malicious code from our site,” CoinMarketCap said in a Friday update. The team added that security investigations were underway and warned people not to connect their wallets.

CZ later shared that early checks showed 39 individuals were affected by the incident, with total losses of around $18,570. CMC also revealed plans to reimburse those affected by the hack.

On June 23, Cointelegraph’s website was also compromised in a front-end exploit. This time, users saw a pop-up promoting a fake token airdrop. The notification claimed people were eligible to get 50,000 “CTG” tokens, worth around $5,500 if they connected their wallets. The pop-up also falsely claimed that CertiK, a well-known security firm, had reviewed the smart contract.

The media outlet confirmed the issue on Sunday night and said it was working to fix it. “Do not click on these pop-ups, connect your wallets, or enter any personal information,” it warned on X.

Blockchain Security firm Scam Sniffer also found that the fake JavaScript code came from the company’s advertising system.

Hackers Are Shifting Tactics

In both cases, the bad actors were able to approve transactions and steal crypto once users connected their wallets. These incidents show a new trend where attackers are now using trusted news and data platforms to reach people instead of going after crypto exchanges directly.

Meanwhile, a recent study by TRM Labs showed that phishing schemes and malware-based infrastructure attacks made up 70% of the $2.2 billion stolen in crypto-related hacks in 2024.

Another report by Cybernews revealed a massive data breach that exposed over 16 billion login credentials, making it one of the largest stolen data collections ever found. Researchers believe this came from infostealer malware, credential stuffing, and past leaks that were repackaged.