CoinMarketCap recently removed a deceptive popup that prompted users to “verify” their crypto wallets. This incident, which was flagged as a phishing attempt, occurred on a Friday and was addressed swiftly.
The company acknowledged the issue on social media, stating that they had identified and eliminated the malicious code from their site and were actively investigating the matter to enhance their security. The popup triggered numerous warnings on social media, where crypto users cautioned others against clicking anything suspicious.
Many recognized this tactic as a classic phishing scam aimed at acquiring private keys or approving unauthorized transactions that could drain wallets. Scammers often create urgent prompts that mimic legitimate brands or influencers, using verified accounts or convincing fakes to lure users to fraudulent pages.
On May 29, one user raised an alarm about a fake $SONIC airdrop, advising others not to engage with the link. These fraudulent posts may appear authentic, particularly when they originate from familiar names or use similar URL structures.
A simple click can give attackers access to a user’s wallet. Another user reported that the CoinMarketCap prompt requested wallet connections and sought approvals for ERC-20 tokens, a common method for compromising user funds without needing passwords or seed phrases.
During this incident, popular digital wallets like MetaMask and Phantom flagged CoinMarketCap as unsafe. However, CoinMarketCap has yet to disclose technical specifics about the code injection or if any user data was compromised.
This situation has heightened concerns, especially since CoinMarketCap experienced a significant breach in 2021, resulting in the exposure of over 3.1 million email addresses. Phishing remains a prominent threat in the crypto space due to the irreversible nature of blockchain transactions and the vulnerability of hot wallets.
As the landscape evolves with emerging trends like NFTs and DeFi, attackers are finding more ways to exploit users. CoinMarketCap has urged users to exercise caution and verify the authenticity of prompts before connecting their wallets.
The company’s security team continues to evaluate the incident.