Web3 writer with a background in copywriting and content strategy, now channeling that into educating and influencing within the Web3 space.
Web3 writer with a background in copywriting and content strategy, now channeling that into educating and influencing within the Web3 space.
Subscribe to Simply_Hussayn
Subscribe to Simply_Hussayn
Share Dialog
Share Dialog
<100 subscribers
<100 subscribers
On the night of June 20, 2025, the crypto community was shaken when CoinMarketCap, one of the most visited cryptocurrency price-tracking platforms, unexpectedly displayed a suspicious “Verify Your Wallet” pop-up on its homepage. The pop-up was designed to phish users into connecting their wallets, potentially exposing their funds to malicious actors.
According to CoinMarketCap’s official X account, their security team quickly identified the issue. The attack stemmed from a seemingly harmless doodle image embedded on the site. However, that image carried a link triggering malicious JavaScript code via an API call, which prompted the fake verification request for some users visiting the homepage.
“Our team is continuing to investigate and taking steps to strengthen our security,” it added.
The update came less than three hours after CoinMarketCap publicly addressed the malicious notification amid multiple reports spreading on social media.
The team acted swiftly to remove the infected code and assured users that the threat had been completely neutralized. CoinMarketCap later confirmed the platform was once again safe and secure to use.
Despite the quick response, the event sparked immediate concern across the crypto community. On X, well-known crypto analyst Jameson Lopp was among the first to raise the alarm. He warned that the pop-up was an attempt by hackers to drain wallets, especially those connected via browser extensions like MetaMask or Phantom.
Another user, Auri, detailed how the fake prompt requested wallet approvals, a common trick used in phishing schemes to gain access to users’ ERC-20 tokens and other digital assets.
As stated by an X user, platforms like Phantom and MetaMask flagged CoinMarketCap’s site as unsafe, advising users not to visit it until further notice. The warning echoed across several Discord groups and crypto Telegram channels, as users repeated a now-common caution: “DO NOT VERIFY WALLET.”
Unfortunately, this wasn’t CoinMarketCap’s first run-in with cyber threats. Back in October 2021, the platform suffered a significant data breach, which led to over 3.1 million email addresses of registered users being compromised. Those stolen emails were later found circulating on hacking forums and were identified by Have I Been Pwned, a website that tracks data breaches and compromised accounts.
This latest phishing attempt also arrives amid a wave of high-profile crypto security incidents.
Just recently, Nobitex, Iran’s largest crypto exchange, was reportedly hacked by the Pro-Israel group “Predatory Sparrow”, part of an escalating cyber front in the ongoing Iran-Israel conflict. The attack allegedly resulted in close to $90 million in crypto losses, according to reports from CNN, Coingape, and other reputable outlets. Analysts believe the hack was intended to weaken Iran’s financial position during rising military tensions.
Adding to the chaos, Coinbase, one of the most prominent U.S.-based exchanges, also experienced a security breach last month, raising even more concerns about the broader state of cybersecurity in crypto.
This incident is part of a much larger trend sweeping across the crypto ndustry. According to a 2024 report by cybersecurity firm Kaspersky, phishing attacks targeting crypto users surged by 83.4%, rising from 5.8 million to 10.7 million attempts in just one year.
The CoinMarketCap breach fits this pattern perfectly, using a deceptive pop-up to trick users into connecting their wallets and approving malicious transactions. As phishing becomes more sophisticated and widespread, even trusted platforms are no longer safe from exploitation.
On the night of June 20, 2025, the crypto community was shaken when CoinMarketCap, one of the most visited cryptocurrency price-tracking platforms, unexpectedly displayed a suspicious “Verify Your Wallet” pop-up on its homepage. The pop-up was designed to phish users into connecting their wallets, potentially exposing their funds to malicious actors.
According to CoinMarketCap’s official X account, their security team quickly identified the issue. The attack stemmed from a seemingly harmless doodle image embedded on the site. However, that image carried a link triggering malicious JavaScript code via an API call, which prompted the fake verification request for some users visiting the homepage.
“Our team is continuing to investigate and taking steps to strengthen our security,” it added.
The update came less than three hours after CoinMarketCap publicly addressed the malicious notification amid multiple reports spreading on social media.
The team acted swiftly to remove the infected code and assured users that the threat had been completely neutralized. CoinMarketCap later confirmed the platform was once again safe and secure to use.
Despite the quick response, the event sparked immediate concern across the crypto community. On X, well-known crypto analyst Jameson Lopp was among the first to raise the alarm. He warned that the pop-up was an attempt by hackers to drain wallets, especially those connected via browser extensions like MetaMask or Phantom.
Another user, Auri, detailed how the fake prompt requested wallet approvals, a common trick used in phishing schemes to gain access to users’ ERC-20 tokens and other digital assets.
As stated by an X user, platforms like Phantom and MetaMask flagged CoinMarketCap’s site as unsafe, advising users not to visit it until further notice. The warning echoed across several Discord groups and crypto Telegram channels, as users repeated a now-common caution: “DO NOT VERIFY WALLET.”
Unfortunately, this wasn’t CoinMarketCap’s first run-in with cyber threats. Back in October 2021, the platform suffered a significant data breach, which led to over 3.1 million email addresses of registered users being compromised. Those stolen emails were later found circulating on hacking forums and were identified by Have I Been Pwned, a website that tracks data breaches and compromised accounts.
This latest phishing attempt also arrives amid a wave of high-profile crypto security incidents.
Just recently, Nobitex, Iran’s largest crypto exchange, was reportedly hacked by the Pro-Israel group “Predatory Sparrow”, part of an escalating cyber front in the ongoing Iran-Israel conflict. The attack allegedly resulted in close to $90 million in crypto losses, according to reports from CNN, Coingape, and other reputable outlets. Analysts believe the hack was intended to weaken Iran’s financial position during rising military tensions.
Adding to the chaos, Coinbase, one of the most prominent U.S.-based exchanges, also experienced a security breach last month, raising even more concerns about the broader state of cybersecurity in crypto.
This incident is part of a much larger trend sweeping across the crypto ndustry. According to a 2024 report by cybersecurity firm Kaspersky, phishing attacks targeting crypto users surged by 83.4%, rising from 5.8 million to 10.7 million attempts in just one year.
The CoinMarketCap breach fits this pattern perfectly, using a deceptive pop-up to trick users into connecting their wallets and approving malicious transactions. As phishing becomes more sophisticated and widespread, even trusted platforms are no longer safe from exploitation.
No activity yet