CoinMarketCap Removes Malicious Popup Scams Prompting Wallet Verification

CoinMarketCap has removed a malicious popup that was potentially a phishing scam. Users were prompted to verify their crypto wallets, raising security concerns. The site is under investigation, and users are advised against connecting their wallets to avoid further risk. Similar threats were flagged by MetaMask and Phantom.

CoinMarketCap, a prominent player in cryptocurrency price tracking, has recently addressed a significant security issue. They declared they have identified and removed a malicious popup notification from their website. The notification had urged users to verify their cryptocurrency wallets, sparking concern among the community. In a message posted on their official X account, CoinMarketCap stated, “We’ve identified and removed the malicious code from our site.”

However, the situation is still under investigation. CoinMarketCap further noted, “Our team is continuing to investigate and taking steps to strengthen our security.” This update came swiftly, just under three hours, after they first acknowledged the issue amid growing conversations and speculation on social media, particularly on X.

Reports from cryptocurrency users indicated that this popup notification was likely a phishing scam — a method that hackers use to lure victims into divulging private information or keys. The scammers often impersonate trustable accounts or create fake ones to share what looks like legitimate content that links to their phishing sites.

“We’re aware that a malicious popup prompting users to ‘Verify Wallet’ has appeared on our site,” said CoinMarketCap. One user named Auri commented on their experience, noting that it requested them to connect their wallet before asking for approvals to ERC-20 tokens. CoinMarketCap urged users not to engage their wallets and reassured that they were working diligently on resolving the security threat.

Quick to act, crypto wallet services MetaMask and Phantom alerted their users about the threat. In social media posts, some users confirmed that both services flagged the website as unsafe. As of now, users with Phantom wallet have seen a warning that indicates the site is “unsafe to use,” according to further inquiries made by Cointelegraph.

This incident is a concerning reminder, especially considering that it took place nearly four years since the last serious security breach at CoinMarketCap back in October 2021. That hack leaked more than 3.1 million user email addresses. The stolen data circulated online on various hacking forums and was later revealed by the website Have I Been Pwned, which tracks compromised online accounts.