Security Alert: CoinMarketCap Identifies And Eliminates Rogue Wallet Scam

bitcoinistDipublikasikan tanggal 2025-06-21Terakhir diperbarui pada 2025-06-22

Abstrak

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The...

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The alert first appeared on Friday, prompting worries that hackers had slipped malicious code into the site. Within about three hours, CoinMarketCap said it had removed the offending script and began a deeper review of its system.

Malicious Popup Hits Site

According to CoinMarketCap’s post on its official X account, the popup was not part of any planned update. Based on reports from users on social media, it asked visitors to connect their wallets and approve ERC‑20 token transactions. That kind of prompt can lead to wallet theft or unwanted transfers if people click through. CoinMarketCap warned everyone not to connect their wallets until the issue was fixed.

Wallet Extensions Sound Alarm

MetaMask and Phantom, two popular browser‑based crypto wallets, flagged the page as unsafe almost immediately. A crypto user noted that Phantom’s extension showed a warning stating the site was “unsafe to use.” Those built‑in alerts likely saved many users from falling for the scam, since both wallets routinely check for suspicious code before letting you sign any requests.

Image: CoinMarketCap

User Data At Risk

Based on reports from crypto community members, the popup specifically asked for approvals that could give hackers control over tokens in affected wallets. Phishing scams like this thrive on tricking users into handing over private keys or signing away permissions. CoinMarketCap’s quick action stopped the popup, but it serves as a reminder that even top sites can be targets.

Total crypto market cap currently at $3.17 trillion. Chart: TradingView

Past Security Breach Looms

This isn’t the first time CoinMarketCap has faced a breach. Back in October 2021, hackers stole over 3 million email addresses from the site. Those emails later appeared on hacking forums and were flagged by Have I Been Pwned. Now, almost four years later, a new attack vector—injecting code rather than stealing data—shows how threats keep changing.

Image: South African Business Integrator

Calls For Stronger Security

CoinMarketCap said its team is “continuing to investigate and taking steps to strengthen our security.” It did not share a full timeline for its audit, but noted that users should stay alert for any future alerts on X or other channels. Security experts say adding multi‑factor checks on code changes and regular scans for injected scripts can cut down on risks.

Advice For Crypto Users

Experts recommend that users treat any unexpected “connect wallet” prompt with suspicion, even on trusted sites. Using hardware wallets or browser extensions that clearly list requested permissions can help you spot shady prompts. Keeping your browser and wallet software up to date is equally key. In the fast‑moving world of crypto, personal caution remains one of the best defenses.

Featured image from Bleeping Computer, chart from TradingView

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.

Christian, a journalist and editor with leadership roles in Philippine and Canadian media, is fueled by his love for writing and cryptocurrency. Off-screen, he's a cook and cinephile who's constantly intrigued by the size of the universe.

Bacaan Terkait

Kesuksesan Robinhood Chain Membuktikan Ethereum Tidak Mati

Robinhood Chain adalah contoh sempurna dari bagaimana perusahaan tradisional memilih model L1+L2 Ethereum saat beralih ke bisnis berbasis blockchain. Alih-alih membangun infrastruktur dari nol atau mengadopsi model rantai mandiri yang mahal, Robinhood menggunakan Ethereum sebagai L1 untuk penyelesaian, keamanan, dan likuiditas, sambil membangun L2 khususnya sendiri dengan teknologi Arbitrum. Ini memungkinkan kendali, kinerja tinggi, dan kepatuhan terhadap regulasi, tanpa biaya dan risiko untuk memelihara ekosistem keamanan dan token gas-nya sendiri. Perbedaan ini mencerminkan pergeseran mendasar dalam industri crypto. Era sebelumnya didorong oleh model "tokenomics" di mana proyek memilih infrastruktur untuk memaksimalkan nilai token. Namun, era baru ini didominasi oleh bisnis nyata (real-world) yang menggunakan teknologi blockchain sebagai infrastruktur untuk mengoptimalkan produk dan arus kas mereka. Targetnya bukan lagi penjualan token, tetapi melayani kebutuhan konsumen nyata. Perusahaan seperti ini memerlukan keseimbangan: L1 Ethereum menawarkan desentralisasi maksimal, netralitas, dan likuiditas global. Sementara itu, L2 (seperti Base milik Coinbase atau Robinhood Chain) menyediakan lingkungan eksekusi yang dapat dikustomisasi, biaya rendah, dan dikendalikan oleh operator. Model "barbel" Ethereum ini—pusat yang kuat (L1) dan tepi yang sangat terdiversifikasi (L2)—menjadi pilihan bisnis yang rasional bagi perusahaan yang fokus pada produk dan pelanggan. Pergeseran ini menguntungkan Ethereum dan ETH. Adopsi oleh bisnis nyata akan mengintegrasikan ETH lebih dalam ke dalam ekonomi dunia, mendistribusikannya ke lebih banyak pengguna, dan memperkuat statusnya sebagai aset likuid dan penyimpan nilai yang andal. Keputusan Robinhood bukanlah eksklusif, melainkan mercusuar untuk masa depan di mana perusahaan dunia nyata membangun di atas Ethereum melalui keputusan komersial pragmatis, bukan ideologi.

Odaily星球日报54m yang lalu

Kesuksesan Robinhood Chain Membuktikan Ethereum Tidak Mati

Odaily星球日报54m yang lalu

Trading

Spot
活动图片