CoinMarketCap Hacked: Fake Wallet Verification Pop-Up Prompts Crypto Security Alert

CoinMarketCap was hacked on June 20-21, 2025, resulting in a malicious fake wallet verification pop-up appearing on its website. This pop-up prompted users to "Verify Wallet," tricking them into connecting their cryptocurrency wallets and approving transactions that could drain their funds, especially ERC-20 tokens.

The attack exploited a vulnerability in CoinMarketCap’s backend API allowing attackers to inject malicious JavaScript into the site’s front-end.

The incident quickly raised alarms in the crypto community. Wallet providers MetaMask etc flagged the site as unsafe, warning users about the deceptive pop-ups and the risk of secret recovery phrase theft and wallet draining.

CoinMarketCap promptly removed the malicious code and issued warnings advising users not to connect their wallets to any unexpected prompts on the site. The company is continuing its investigation and working to strengthen security measures.

Users affected by the hack were urged to transfer their funds immediately if they interacted with the fake pop-up. General safety advice includes avoiding wallet connections to suspicious prompts, verifying website authenticity, using hardware wallets, and revoking suspicious token approvals.

This breach is part of a broader trend of increasing sophisticated attacks targeting crypto platforms, highlighting the ongoing risks in the digital asset space despite CoinMarketCap’s reputation as a trusted cryptocurrency data aggregator.

It's me, @justmythoughts, an ordinary Hive user looking to make the most of the platform. I will appreciate your support. Follow me for more. Thanks, Gracias :)