CoinMarketCap Nukes Fake Wallet Popup—Internal Investigation Heats Up
CoinMarketCap just axed a fraudulent wallet popup—but the drama's far from over. Here's what's brewing behind the scenes.
The takedown:
The crypto data giant swiftly removed a spoofed wallet-connect prompt after users flagged suspicious activity. No funds were reportedly drained—this time.
Behind the curtain:
Sources confirm an active probe into how the scam slipped through. Security audits? More like security 'meh'-dits—amirite?
Why it matters:
With phishing attacks up 300% in 2025, even industry leaders aren't immune. (But hey, at least this didn't involve a monkey JPEG.)
The kicker:
While CMC patches holes, traders keep gambling on memecoins. Priorities, people.
Security AlertWe’re aware that a malicious pop-up prompting users to "Verify Wallet" has appeared on our site.
Do NOT connect your wallet.Our team is actively investigating and working to resolve the issue. — CoinMarketCap (@CoinMarketCap) June 20, 2025
Several crypto users on X flagged the malicious pop-up on CoinMarketCap’s site as a phishing attempt, an increasingly common scam tactic where attackers impersonate trusted platforms to trick users into revealing private keys or sensitive wallet information. These schemes often rely on fake or compromised accounts to share convincing links, putting unsuspecting users at serious risk of asset theft.
Crypto investor and X user known as Jet posted a screenshot revealing that the MetaMask wallet extension had flagged the CoinMarketCap site as “potentially deceptive.” According to the warning, users may be at risk of Secret Recovery Phrase or password theft, unauthorized transactions leading to stolen assets, and other threats. The alert also indicated that the domain had been added to blocklists maintained by SEAL (Security Alliance), ChainPatrol, and MetaMask.
Oh my god pic.twitter.com/L7u01BQfYT
— Jet
Before CoinMarketCap publicly addressed the issue, threat researcher Vladimir S. reported that the site had been compromised. He noted that users who interacted with the pop-up were prompted to connect their wallets and subsequently asked to approve ERC-20 token transactions—an action commonly exploited in phishing scams to authorize unauthorized asset transfers.
It looks like !!! @coinmarketcap is hacked…
When you browse, it asks to connect wallet and then asks for ERC20 approvals. Do not approve and use @RevokeCash if you accidentally did! pic.twitter.com/Pd2zF4MeBW
This incident spotlights the growing risks faced by users in the rapidly evolving crypto ecosystem, where even trusted platforms can become targets for malicious actors. As the industry matures, experts emphasize the importance of vigilance, urging users to verify links, avoid unsolicited wallet connection requests, and employ hardware wallets or multi-factor authentication where possible.
Security firms and platforms continue to develop stronger defenses, but the responsibility also lies with individual users to stay informed and cautious. The CoinMarketCap episode serves as a reminder that the intersection of innovation and security remains a critical challenge for the crypto space.
Read More
Michaela has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
