CoinMarketCap Removes Malicious “Verify Wallet” Scam Popup

Published: 2025-06-21 23:05:09 |

CoinMarketCap detected and swiftly removed a malicious JavaScript popup on its website that urged users to “Verify Wallet” by connecting and approving ERC-20 token transactions. The bogus prompt, active for approximately three hours on June 21, 2025, raised concerns about wallet theft and unauthorized fund transfers. Popular browser wallets MetaMask and Phantom flagged the page as unsafe, preventing many users from falling victim. CoinMarketCap has launched a full security audit, tightened code-change checks, and advises users to treat unexpected wallet‐connect prompts with caution. Security experts recommend using hardware wallets, keeping software up to date, and avoiding unsolicited transaction approvals to reduce phishing risks.

Neutral

This security alert is classified as neutral because CoinMarketCap’s rapid response and the built-in wallet protections prevented a major breach, minimizing direct market impact. In the short term, user confidence may dip slightly, but the transparency and corrective actions can bolster trust. Historically, breaches without significant asset loss—such as Binance’s login exploit in 2019—have caused only brief market jitters. Over the long term, improved security measures and user vigilance foster a more resilient ecosystem, reducing vulnerability to phishing and code‐injection attacks.