Security Alert: CoinMarketCap Identifies And Eliminates Rogue Wallet Scam

bitcoinist发布于2025-06-21更新于2025-06-22

文章摘要

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The...

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

CoinMarketCap tackled a security scare on its website this week when a fake popup urged users to “Verify Wallet.” The alert first appeared on Friday, prompting worries that hackers had slipped malicious code into the site. Within about three hours, CoinMarketCap said it had removed the offending script and began a deeper review of its system.

Malicious Popup Hits Site

According to CoinMarketCap’s post on its official X account, the popup was not part of any planned update. Based on reports from users on social media, it asked visitors to connect their wallets and approve ERC‑20 token transactions. That kind of prompt can lead to wallet theft or unwanted transfers if people click through. CoinMarketCap warned everyone not to connect their wallets until the issue was fixed.

Wallet Extensions Sound Alarm

MetaMask and Phantom, two popular browser‑based crypto wallets, flagged the page as unsafe almost immediately. A crypto user noted that Phantom’s extension showed a warning stating the site was “unsafe to use.” Those built‑in alerts likely saved many users from falling for the scam, since both wallets routinely check for suspicious code before letting you sign any requests.

Image: CoinMarketCap

User Data At Risk

Based on reports from crypto community members, the popup specifically asked for approvals that could give hackers control over tokens in affected wallets. Phishing scams like this thrive on tricking users into handing over private keys or signing away permissions. CoinMarketCap’s quick action stopped the popup, but it serves as a reminder that even top sites can be targets.

Total crypto market cap currently at $3.17 trillion. Chart: TradingView

Past Security Breach Looms

This isn’t the first time CoinMarketCap has faced a breach. Back in October 2021, hackers stole over 3 million email addresses from the site. Those emails later appeared on hacking forums and were flagged by Have I Been Pwned. Now, almost four years later, a new attack vector—injecting code rather than stealing data—shows how threats keep changing.

Image: South African Business Integrator

Calls For Stronger Security

CoinMarketCap said its team is “continuing to investigate and taking steps to strengthen our security.” It did not share a full timeline for its audit, but noted that users should stay alert for any future alerts on X or other channels. Security experts say adding multi‑factor checks on code changes and regular scans for injected scripts can cut down on risks.

Advice For Crypto Users

Experts recommend that users treat any unexpected “connect wallet” prompt with suspicion, even on trusted sites. Using hardware wallets or browser extensions that clearly list requested permissions can help you spot shady prompts. Keeping your browser and wallet software up to date is equally key. In the fast‑moving world of crypto, personal caution remains one of the best defenses.

Featured image from Bleeping Computer, chart from TradingView

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.

Christian, a journalist and editor with leadership roles in Philippine and Canadian media, is fueled by his love for writing and cryptocurrency. Off-screen, he's a cook and cinephile who's constantly intrigued by the size of the universe.

你可能也喜欢

Robinhood Chain的成功证明以太坊未死

加密货币行业正从以代币销售为中心的模式,转向由实体企业驱动的真实现金流业务模式。这一转变中,企业的技术选择逻辑发生了根本变化。Robinhood选择基于以太坊主网(L1)并利用Arbitrum技术构建自己的以太坊二层网络(L2)——Robinhood Chain,是这一趋势的典型例证。它使用以太坊保证数据可用性和安全性,并采用ETH作为原生Gas代币,这并非出于对以太坊的偏好,而是基于降低风险、优化产品、触达客户和保障利润的理性商业决策。 过去,许多项目围绕其欲出售的代币来选择区块链架构。如今,服务于广泛实体经济用户的公司,其目标是运营现金业务,因此会选择能最大化业务而非代币价值的基础设施。以太坊的“L1+L2”模型恰好满足了这一需求:L1层提供高度去中心化、可信中立且流动性强的全球结算与安全基础;L2层则提供了可定制、高性能、低成本且控制权明确的执行环境。这种结构允许企业在边缘进行创新和定制,同时依赖一个强大且中立的共同底层。 Coinbase推出Base链也遵循了类似的商业逻辑。随着监管框架逐步明晰,更多传统金融机构和公司进入链上领域,这种以以太坊为核心的“杠铃”结构优势将更加明显。这不仅会将以太坊和ETH更深度地集成到更广泛的经济活动中,增强其流动性和网络效应,也预示着加密技术将像互联网一样,逐渐融入并服务于整体经济,而不再是一个割裂的领域。

Odaily星球日报1小时前

Robinhood Chain的成功证明以太坊未死

Odaily星球日报1小时前

交易

现货
活动图片