21-6-2025 – CoinMarketCap, the prominent cryptocurrency price-tracking platform, has eradicated malicious code from its website, according to a statement shared on its official X account. The offending code, which triggered a deceptive popup urging users to “verify” their crypto wallets, was neutralised, though the company stressed that its probe into the breach remains active. “Our team continues to fortify our defences as we delve deeper into this incident,” the platform declared, underscoring its commitment to robust security.
The alert surfaced amid a flurry of speculation on social media, with CoinMarketCap addressing the issue within hours of its detection. Crypto enthusiasts on X were quick to flag the popup as a potential phishing scam, a nefarious tactic designed to dupe users into surrendering sensitive private keys or personal details. Such schemes often exploit trusted platforms or mimic legitimate ones to lure victims. One user, Auri, noted the popup’s attempt to connect wallets and seek approvals for ERC-20 tokens, a hallmark of phishing ploys. CoinMarketCap issued a stern warning, urging users to avoid linking their wallets while it worked to quash the threat.
The breach echoes a prior security lapse in October 2021, when CoinMarketCap suffered a significant hack, exposing over 3.1 million user email addresses. Those compromised details later surfaced on hacking forums, a discovery highlighted by Have I Been Pwned, a site dedicated to tracking online security breaches. This time, vigilance from the crypto community proved invaluable, with users like Jet noting that wallet providers MetaMask and Phantom swiftly flagged the malicious activity, helping to curb its spread.
