Binance founder warns users after hackers use fake wallet prompts to steal funds from crypto platforms.
Cointelegraph and CoinMarketCap faced front-end attacks that tricked users into connecting their wallets.
Phishing scams in crypto are rising fast in 2025 with over two billion dollars lost to wallet-related breaches.
Binance founder Changpeng Zhao has raised concern over the increasing number of crypto-related phishing scams. His warning follows recent attacks on two major crypto platforms, Cointelegraph and CoinMarketCap. Both platforms were compromised through front-end vulnerabilities that exposed users to fake wallet connection prompts.
https://twitter.com/cz_binance/status/1936991040420110834 Cointelegraph Attack Tricked Users with Fake Airdrop
On June 22, Cointelegraph reported a front-end breach that displayed a fraudulent airdrop message. The pop-up claimed users were eligible for a token giveaway. It promised over $5,000 in rewards in exchange for wallet access. To build trust, the scam included a false claim that CertiK had audited the smart contract.
https://twitter.com/Cointelegraph/status/1936959898094583916
The message directed users to link their wallets, which gave attackers direct access to their funds. Cointelegraph acknowledged the breach and warned users not to interact with the prompt. The team also removed the malicious code and worked to secure the platform.
CoinMarketCap Compromised Days Earlier
Two days before the Cointelegraph breach, CoinMarketCap suffered a similar attack. A fake prompt appeared asking users to verify their identity by connecting wallets. The attackers injected harmful code that mimicked a site notification. Once users interacted, their wallets were compromised.
CoinMarketCap reported that 39 users were affected and lost a combined total of $18,570. The company promised full compensation to the victims. It also confirmed the removal of the malicious script and reinforced its site’s security.
Zhao Cautions Users Amid Growing Threat
Changpeng Zhao highlighted both incidents as signs of growing threats in the crypto space. He warned that hackers now target trusted websites instead of blockchain code. These scams aim to trick users through misleading front-end messages.
Zhao urged the community to stay alert when browsing crypto sites. He advised against authorizing wallet connections unless absolutely necessary. His warning reflects a shift in how attackers operate. Human behavior has become a key target for exploitation.
CertiK Reports Shift in Hacker Strategy
Security firm CertiK has observed a rise in phishing and wallet-based scams throughout 2025. These attacks have caused over $2.1 billion in losses so far. Hackers now rely less on code breaches and more on deceptive tactics. They focus on tricking users through pop-ups and fake verification requests.
A recent leak of more than 16 billion credentials may have fueled the ongoing wave of attacks. Many of these credentials came from malware and old data breaches.