CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The alert first appeared on Friday, prompting worries that hackers had slipped malicious code into the site. Within about three hours, CoinMarketCap said it had removed the offending script and began a deeper review of its system. Malicious Popup Hits Site According to CoinMarketCap’s post on its official X account, the popup was not part of any planned update. Based on reports from users on social media, it asked visitors to connect their wallets and approve ERC‑20 token transactions. That kind of prompt can lead to wallet theft or unwanted transfers if people click through. CoinMarketCap warned everyone not to connect their wallets until the issue was fixed. Update: We’ve identified and removed the malicious code from our site. Our team is continuing to investigate and taking steps to strengthen our security. — CoinMarketCap (@CoinMarketCap) June 21, 2025 Wallet Extensions Sound Alarm MetaMask and Phantom, two popular browser‑based crypto wallets, flagged the page as unsafe almost immediately. A crypto user noted that Phantom’s extension showed a warning stating the site was “unsafe to use.” Those built‑in alerts likely saved many users from falling for the scam, since both wallets routinely check for suspicious code before letting you sign any requests. User Data At Risk Based on reports from crypto community members, the popup specifically asked for approvals that could give hackers control over tokens in affected wallets. Phishing scams like this thrive on tricking users into handing over private keys or signing away permissions. CoinMarketCap’s quick action stopped the popup, but it serves as a reminder that even top sites can be targets. Past Security Breach Looms This isn’t the first time CoinMarketCap has faced a breach. Back in October 2021, hackers stole over 3 million email addresses from the site. Those emails later appeared on hacking forums and were flagged by Have I Been Pwned. Now, almost four years later, a new attack vector—injecting code rather than stealing data—shows how threats keep changing. Calls For Stronger Security CoinMarketCap said its team is “continuing to investigate and taking steps to strengthen our security.” It did not share a full timeline for its audit, but noted that users should stay alert for any future alerts on X or other channels. Security experts say adding multi‑factor checks on code changes and regular scans for injected scripts can cut down on risks. Advice For Crypto Users Experts recommend that users treat any unexpected “connect wallet” prompt with suspicion, even on trusted sites. Using hardware wallets or browser extensions that clearly list requested permissions can help you spot shady prompts. Keeping your browser and wallet software up to date is equally key. In the fast‑moving world of crypto, personal caution remains one of the best defenses. Featured image from Bleeping Computer, chart from TradingView
