What is a wallet drainer?
A wallet drainer is a type of malicious script that steals cryptocurrency from a user's wallet when they connect it to a compromised website or interact with a malicious transaction request.
Yanuki
ARTICLE DETAIL
CoinMarketCap and Cointelegraph Hacked in Similar Crypto Wallet Drain Attacks | Drone Strikes on AWS: A Wake-Up Call for Cloud Resilience | Conduent Data Breach Balloons, Affecting Millions of Americans | Salesforce Data Breach Impacts Over 200 Companies Via Gainsight | CoinMarketCap Launches CMC20 Index Token for Top 20 Cryptocurrencies | Bitcoin and Ethereum Market Cap Decline; Mutuum Finance Presale Gains Traction | Malicious VS Code Extension and NPM Packages Target Developers | SentinelOne’s AI Partnerships: Redefining Cloud Security? | SonicWall Blames State-Sponsored Hackers for September Security Breach | CoinMarketCap and Cointelegraph Hacked in Similar Crypto Wallet Drain Attacks | Drone Strikes on AWS: A Wake-Up Call for Cloud Resilience | Conduent Data Breach Balloons, Affecting Millions of Americans | Salesforce Data Breach Impacts Over 200 Companies Via Gainsight | CoinMarketCap Launches CMC20 Index Token for Top 20 Cryptocurrencies | Bitcoin and Ethereum Market Cap Decline; Mutuum Finance Presale Gains Traction | Malicious VS Code Extension and NPM Packages Target Developers | SentinelOne’s AI Partnerships: Redefining Cloud Security? | SonicWall Blames State-Sponsored Hackers for September Security Breach
Security / Cybersecurity
CoinMarketCap and Cointelegraph Hacked in Similar Crypto Wallet Drain Attacks
Two prominent cryptocurrency platforms, CoinMarketCap and Cointelegraph, have recently fallen victim to similar supply chain attacks, resulting in the theft of cryptocurrency from users. These incidents highlight the increasing sophisticati...
Key Insights
- CoinMarketCap was hacked via a malicious script injected through a compromised "doodle" image API, leading to a fake Web3 popup that drained wallets. This matters because it demonstrates how trusted elements of a platform can be exploited.
- Cointelegraph experienced a front-end exploit that displayed a fraudulent banner offering fake "CoinTelegraph ICO Airdrops" and "CTG tokens," tricking users into connecting their wallets. This shows how attackers are using social engineering to bypass user skepticism.
- Both attacks involved the use of wallet drainers, which have stolen almost $500 million in 2024. This highlights the growing threat of wallet drainers in the crypto space.
- The attacks mirror each other, indicating a coordinated effort or a shared technique among threat actors targeting the cryptocurrency industry. This suggests that other platforms could be at risk.
In-Depth Analysis
CoinMarketCap, a popular cryptocurrency price tracking website, suffered a supply chain attack on June 20, 2025. Threat actors exploited a vulnerability in the site's homepage "doodle" image to inject malicious JavaScript. This script displayed a fake wallet connect popup, mimicking a legitimate Web3 transaction request but instead draining cryptocurrency from connected wallets.
Cointelegraph, a crypto news outlet, was compromised by a front-end exploit on June 23, 2025. Attackers injected a malicious pop-up that falsely claimed to offer “CoinTelegraph ICO Airdrops” and “CTG tokens.” The fraudulent banner urged users to connect their crypto wallets in exchange for nearly $5,500 worth of tokens.
These attacks highlight the increasing prevalence of wallet drainers. In 2024, wallet drainers stole almost $500 million through attacks targeting more than 300,000 wallet addresses. Users should be extremely cautious when connecting their wallets to websites or interacting with unsolicited offers.
FAQ
How can I protect myself from wallet drainer attacks?
Be cautious when connecting your wallet to websites, especially if they are unfamiliar or offer unsolicited rewards. Verify the legitimacy of any transaction requests before approving them. Use hardware wallets for added security. Keep your browser extensions updated, and consider using security tools that detect wallet drainers.
Takeaways
- Always be skeptical of offers that seem too good to be true, especially those involving cryptocurrency.
- Verify the legitimacy of websites and applications before connecting your crypto wallet.
- Use a hardware wallet for an extra layer of security.
- Keep your software and browser extensions up to date.
- Report any suspicious activity to the platform in question.
Discussion
Do you think these types of attacks will continue to increase? What measures do you take to protect your crypto wallets? Share this article with others who need to stay ahead of this trend!
Sources
Disclaimer
This article was compiled by Yanuki using publicly available data and trending information. The content may summarize or reference third-party sources that have not been independently verified. While we aim to provide timely and accurate insights, the information presented may be incomplete or outdated.
All content is provided for general informational purposes only and does not constitute financial, legal, or professional advice. Yanuki makes no representations or warranties regarding the reliability or completeness of the information.
This article may include links to external sources for further context. These links are provided for convenience only and do not imply endorsement.
Always do your own research (DYOR) before making any decisions based on the information presented.