CoinMarketCap, a leading cryptocurrency price‑tracking website, removed a harmful pop-up that asked users to verify their wallets on Friday, June 20, 2025.
The company stated that it identified and removed the malicious code within less than three hours after initially warning visitors about the issue on its official X(Twitter) account.
CoinMarketCap added that its team is still probing the incident and will boost site security.
Popup Sparks Phishing Concern
Earlier on Friday, visitors to CoinMarketCap saw a pop-up titled “Verify Wallet” that urged them to connect their crypto wallets. Many users on X(Twitter) noted that the message was likely intended to steal private keys or personal data.
Phishing scams often rely on a trusted brand to trick people into sharing sensitive information. A similar pop-up promised an “exclusive airdrop” and asked users to link their wallets to claim free tokens. While that message was a separate incident, it raised fresh alarm about fake offers on major crypto sites.
Also Read: ReversingLabs Uncovers npm-Based Malware Targeting Crypto Users Via Atomic Wallet & Exodus
Site Response and Investigation
“We are aware that a malicious pop-up prompting users to ‘Verify Wallet’ has appeared on our site,” CoinMarketCap said in its first alert. Within hours, the team announced, “We’ve identified and removed the malicious code from our site.”
The company did not share details on how the code arrived or who was behind it. It did, however, assure users that it is stepping up monitoring and strengthening its defences against similar attacks in the future.
Warning From Wallet Extension
Users who run the Phantom wallet browser extension still see a warning that the CoinMarketCap site is “unsafe to use.” Phantom flagged the site after finding suspicious activity.
This extra layer of protection helped alert many people before they clicked the pop-up or shared any data. Wallet extensions and security tools play a key role in blocking phishing and other scams that target crypto holders.
History of Past Breach
Its is not the first time CoinMarketCap has faced a security breach. In October 2021, hackers broke into its systems and stole more than 3.1 million user email addresses. Those addresses later appeared for sale on hacking forums. They were also shared on Have I Been Pwned, a site that tracks data leaks.
CoinMarketCap then urged users to reset their passwords and be cautious of suspicious emails. That episode highlighted how attackers can profit by trading private data from a major crypto platform.
User Safety Measures
Experts say users should never click on unexpected pop-ups that ask for wallet access or private keys. Official airdrops or token drops will not ask for sensitive information on a price‑tracking site.
Instead, legitimate projects usually post links on their verified social‑media pages or official blogs. If you see anything odd, close the browser tab at once and check for official updates on the company’s blog or social feeds.