Cryptocurrency media outlet Cointelegraph and several other companies have become targets of a phishing scam. The issue arose following a Jan. 23 Telegram post by blockchain investigator ZachXBT.
Analysis from blockchain analytics service Arkham Intelligence revealed numerous transactions linked to the scam, mostly starting on Jan. 23. Etherscan’s data confirm this, showing 80 Ethereum transactions tied to the attack. Investigations are underway to determine how the attackers managed to send emails appearing to originate from these firms.
One suspected method is email spoofing, where attackers manipulate email headers to mimic legitimate sources. Although modern email services usually block such attempts, success is possible through DNS record tampering.
Another possibility is direct access to the companies’ email servers or individual employee accounts, achieved through phishing, malware, or exploiting previous data breaches.
In response, Cointelegraph alerted its readers, while Etherscan added a phishing scam warning on the associated address’s page. WalletConnect reported awareness of a phishing campaign promoting a fake airdrop, clarifying no employee involvement.
Similarly, Cointelegraph acknowledged the scam, stating they do not issue airdrops. Token Terminal and De.Fi also issued warnings, with De.Fi suggested the compromise of their email service provider, MailerLite, as the likely cause.
Also Read: Crypto Data Provider, CoinGecko faces Phishing Attack
