Cosine: Attackers exploited Cointelegraph's XSS vulnerability to launch XSS attacks against the crypto industry - Odaily

Risk Warning: Beware of illegal fundraising in the name of 'virtual currency' and 'blockchain'. — Five departments including the Banking and Insurance Regulatory Commission

Information

Discover

Search

Login

简中

繁中

English

日本語

한국어

ภาษาไทย

Tiếng Việt

BTC

ETH

HTX

SOL

BNB

Cosine: Attackers exploited Cointelegraph's XSS vulnerability to launch XSS attacks against the crypto industry

2024-11-28 01:04

Odaily星球日报讯慢雾余弦于 X 发文表示：“又一起针对 Crypto 行业的 XSS 攻击，攻击者利用 Cointelegraph 网站的 XSS 漏洞，诱骗目标用户打开 Cointelegraph 官网链接（带 XSS 恶意脚本，图 1 地址栏），于是：

-恶意脚本加载执行；

-地址栏被设置成 https://cointelegraph[.]com/not-public/drafts/article-1033，一看还以为是官方未发布的草稿；

-接着弹出 Sign in with X 的伪造框；

-点击 Sign in with X 后打开 X 的第三方应用授权，权限列表那处留了超大段空白，非常鸡贼...此时如果没留意点击了授权，你的 X 有关权限就被攻击者接管了

-剩下的自行脑补，这种稍微带点漏洞利用的钓鱼对应大众来说更是防不胜防，注意了。”

Recommended Articles

Is the collective "resurrection" of old cryptocurrencies such as DASH, ZEC, and ICP a sign of capital nostalgia or a harbinger of a new narrative?

Must-watch items next week: US CPI data may be absent for the first time; Binance Alpha lists JCT and ALLO (November 10-16).

MSX Season 1 Gold Rush Guide: Deconstructing the Points Calculation Logic and How to Maximize Your M-Bean Earnings

Airdrop Weekly Report | Monad plans to hold TGE on November 24; Ethena opens applications for Q4 airdrops (November 3-9).

Pro

One-week token unlock: LINEA unlocked to 16.4% of circulating supply.

Data Breakdown: The Battle to Defend $100,000 – Will Bitcoin Rebound or Dip?

The story of Brother Machi's "zeroing out": His account peaked at nearly $60 million, vanishing in 47 days.

Bitcoin had a dismal start to November; is it really going to hit 90,000?

24-Hour Flash News

2025-11-09 13:42

Crypto KOLs: A review of Binance's historical announcements reveals no changes related to "losses incurred due to platform technical issues are the sole responsibility of the user."

2025-11-09 13:33

SOL breaks through 160 USDT, up 0.97% in the last 24 hours.

2025-11-09 13:23

Spain arrests suspected ringleader of €260 million cryptocurrency Ponzi scheme.

2025-11-09 13:13

Michael Saylor has released another Bitcoin Tracker update; he may disclose his accumulating data next week.

2025-11-09 13:00

Binance Alpha lists MetaArena (TIMI)

2025-11-09 12:42

Warren Buffett will release his farewell letter on November 10th, local time.

Important News

2025-11-09 13:42

Crypto KOLs: A review of Binance's historical announcements reveals no changes related to "losses incurred due to platform technical issues are the sole responsibility of the user."

2025-11-09 13:33

SOL breaks through 160 USDT, up 0.97% in the last 24 hours.

2025-11-09 13:13

Michael Saylor has released another Bitcoin Tracker update; he may disclose his accumulating data next week.

2025-11-09 13:00

Binance Alpha lists MetaArena (TIMI)

2025-11-09 12:42

Warren Buffett will release his farewell letter on November 10th, local time.

2025-11-09 12:17

Trump again calls for an end to the US government shutdown.

Download Odaily App

Let Some People Understand Web3.0 First

Android