Summary

Cointelegraph is a major legitimate cryptocurrency news outlet that has been a victim of two distinct infrastructure compromises. In January 2024, attackers breached its email service provider MailerLite and sent phishing emails to subscribers using Angel Drainer malware, resulting in estimated losses of $580,000 to over $700,000 across affected platforms. In June 2025, attackers separately compromised Cointelegraph's banner advertising system to serve Inferno Drainer-linked pop-ups promoting a fake CTG token airdrop to site visitors.

Connected Entities

1 entity
Tokens
Cointelegraph
Relationships

    Timeline (6 events)

    2024-01-23

    Attackers use compromised MailerLite access to send phishing emails from Cointelegraph, WalletConnect, Token Terminal, De.Fi, and Decrypt official email addresses. Phishing emails promote fake airdrops and deploy Angel Drainer via malicious dApps. ZachXBT warns on Telegram and identifies attacker wallet address 0xe7D13137923142A0424771E1778865b88752B3c7.

    2024-01-23

    ZachXBT reports over $580,000 has been drained from victims across multiple chains within hours of the campaign launch.

    2024-01-24

    MailerLite confirms the breach, disclosing that a support team member was socially engineered via a fraudulent Google sign-in page. 117 accounts were initially reported as accessed (later revised to 70), with four used to launch phishing campaigns. MailerLite notified affected customers within 8 hours.

    2024-01-24

    Total losses from the MailerLite phishing campaign estimated at approximately $700,000 in liquid assets (Nansen's $3.3M figure revised downward after accounting for illiquid XBANKING tokens). Blockaid reports it protected an additional $2.7 million in user funds.

    2025-06-21

    Cointelegraph's banner publishing system is briefly compromised. A malicious JavaScript payload is injected via a fraudulent ad network domain resembling AdButler, displaying a fake CTG token ICO airdrop pop-up connected to Inferno Drainer infrastructure.

    2025-06-22

    Cointelegraph publicly warns users not to interact with pop-ups promoting CTG tokens or connect wallets to suspicious prompts. The compromised banner system is cleaned. Help Net Security and Scam Sniffer attribute both the Cointelegraph and CoinMarketCap attacks to Inferno Drainer customers.

    Provenance & Audit Trail

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    model: claude-sonnet

    generated: 5/4/2026, 4:05:04 PM

    last updated: 6/14/2026, 11:16:02 PM

    avoid.net — verified advice for a post-truth world