CoinMarketCap suffers from hacker attack

CoinMarketCap has removed a fraudulent popup notification that appeared on its website prompting users to “verify” their cryptocurrency wallets.

The platform confirmed the removal on its official X (formerly Twitter) account on Friday, just hours after users began sounding the alarm, reports Cointelegraph.

“We’ve identified and removed the malicious code from our site,” the team said, adding that they are still investigating the incident. The popup appeared to be a phishing attempt, aiming to trick users into connecting wallets and granting access to ERC-20 tokens — a method commonly used by scammers to drain users’ funds.

Community Flags Prompt Fast Response

Several crypto users flagged the popup as a phishing scam, with wallet providers MetaMask and Phantom quickly reacting by issuing security warnings. Phantom’s browser extension even labeled CoinMarketCap’s site as “unsafe to use” during the incident.

One user on X, “Auri,” warned that the popup asked for token approvals — a classic phishing tactic. CoinMarketCap reassured users it was working to resolve the issue and urged everyone not to connect their wallets. The swift response reflects improved coordination between platforms and wallet providers, as real-time security awareness becomes increasingly vital in protecting digital assets.

Ongoing Investigation and Historical Context

The breach, while contained, triggered concern due to CoinMarketCap’s high visibility in the crypto space. The company emphasized that it has not yet concluded its investigation and is “taking steps to strengthen security.” The incident is reminiscent of a previous hack in October 2021, when over 3.1 million user emails were leaked and later circulated on hacking forums.

That breach, revealed by Have I Been Pwned, underscored the importance of vigilant cybersecurity practices for platforms in the digital asset space. As CoinMarketCap tightens its defenses, users are once again reminded of the risks associated with connecting wallets to external sites — even those widely considered reputable.

Recently we wrote that cold crypto wallets, pre-configured to steal user assets after deposit, are increasingly appearing on online marketplaces.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.