Security Alert: CoinMarketCap Identifies And Eliminates Rogue Wallet Scam

bitcoinistPublié le 2025-06-21Dernière mise à jour le 2025-06-22

Résumé

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The...

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The alert first appeared on Friday, prompting worries that hackers had slipped malicious code into the site. Within about three hours, CoinMarketCap said it had removed the offending script and began a deeper review of its system.

Malicious Popup Hits Site

According to CoinMarketCap’s post on its official X account, the popup was not part of any planned update. Based on reports from users on social media, it asked visitors to connect their wallets and approve ERC‑20 token transactions. That kind of prompt can lead to wallet theft or unwanted transfers if people click through. CoinMarketCap warned everyone not to connect their wallets until the issue was fixed.

Wallet Extensions Sound Alarm

MetaMask and Phantom, two popular browser‑based crypto wallets, flagged the page as unsafe almost immediately. A crypto user noted that Phantom’s extension showed a warning stating the site was “unsafe to use.” Those built‑in alerts likely saved many users from falling for the scam, since both wallets routinely check for suspicious code before letting you sign any requests.

Image: CoinMarketCap

User Data At Risk

Based on reports from crypto community members, the popup specifically asked for approvals that could give hackers control over tokens in affected wallets. Phishing scams like this thrive on tricking users into handing over private keys or signing away permissions. CoinMarketCap’s quick action stopped the popup, but it serves as a reminder that even top sites can be targets.

Total crypto market cap currently at $3.17 trillion. Chart: TradingView

Past Security Breach Looms

This isn’t the first time CoinMarketCap has faced a breach. Back in October 2021, hackers stole over 3 million email addresses from the site. Those emails later appeared on hacking forums and were flagged by Have I Been Pwned. Now, almost four years later, a new attack vector—injecting code rather than stealing data—shows how threats keep changing.

Image: South African Business Integrator

Calls For Stronger Security

CoinMarketCap said its team is “continuing to investigate and taking steps to strengthen our security.” It did not share a full timeline for its audit, but noted that users should stay alert for any future alerts on X or other channels. Security experts say adding multi‑factor checks on code changes and regular scans for injected scripts can cut down on risks.

Advice For Crypto Users

Experts recommend that users treat any unexpected “connect wallet” prompt with suspicion, even on trusted sites. Using hardware wallets or browser extensions that clearly list requested permissions can help you spot shady prompts. Keeping your browser and wallet software up to date is equally key. In the fast‑moving world of crypto, personal caution remains one of the best defenses.

Featured image from Bleeping Computer, chart from TradingView

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.

Christian, a journalist and editor with leadership roles in Philippine and Canadian media, is fueled by his love for writing and cryptocurrency. Off-screen, he's a cook and cinephile who's constantly intrigued by the size of the universe.

Lectures associées

Le succès de Robinhood Chain prouve qu'Ethereum n'est pas mort

Le succès de Robinhood Chain prouve qu'Ethereum est plus vivant que jamais. Contrairement aux affirmations selon lesquelles les entreprises réelles éviteraient les L1/L2, Robinhood a précisément choisi le modèle L1+L2 d'Ethereum pour sa blockchain dédiée. La plateforme utilise Ethereum pour le règlement, la disponibilité des données (via les blobs) et la sécurité, tout en adoptant ETH comme token de gaz natif. Cet exemple illustre un changement de paradigme dans la crypto : l'ère de la monétisation des tokens cède la place à une économie on-chain axée sur des modèles commerciaux en espèces réels. Les entreprises traditionnelles cherchant à optimiser leurs activités existantes privilégient désormais l'infrastructure pour ses avantages commerciaux – réduction des risques, contrôle, personnalisation et accès à la liquidité – plutôt que pour promouvoir un token natif. La structure en « haltère » d'Ethereum répond parfaitement à ces besoins : la couche L1 offre une base décentralisée, neutre et liquide, tandis que les L2 permettent un environnement d'exécution hautement performant, personnalisable et contrôlé par l'opérateur. Cette approche évite aux entreprises de supporter le coût et la complexité de créer et maintenir une L1 souveraine. Comme Robinhood et Coinbase (avec Base) l'ont démontré, le choix d'une L2 Ethereum est une décision commerciale rationnelle, et non idéologique. Cette tendance devrait renforcer le réseau Ethereum et l'utilité de l'ETH, car son intégration dans les produits grand public accroîtra sa distribution, sa liquidité et son effet de réseau monétaire. Robinhood n'est pas une exception, mais un signal fort de l'avenir des blockchains pour les entreprises réelles.

Odaily星球日报Il y a 53 mins

Le succès de Robinhood Chain prouve qu'Ethereum n'est pas mort

Odaily星球日报Il y a 53 mins

Trading

Spot
活动图片