{"id":36326,"date":"2025-06-21T23:09:21","date_gmt":"2025-06-21T23:09:21","guid":{"rendered":"https:\/\/www.bitrabo.com\/discover\/?p=36326"},"modified":"2025-06-21T23:09:21","modified_gmt":"2025-06-21T23:09:21","slug":"coinmarketcap-uncovers-and-removes-rogue-wallet-scam-now","status":"publish","type":"post","link":"https:\/\/www.bitrabo.com\/discover\/coinmarketcap-uncovers-and-removes-rogue-wallet-scam-now\/","title":{"rendered":"CoinMarketCap Uncovers and Removes Rogue Wallet Scam Now"},"content":{"rendered":"\n

This week, a significant security incident emerged on CoinMarketCap’s platform as users were confronted with a fraudulent popup asking them to \u201cVerify Wallet.\u201d The alarming notice first made its appearance on a Friday, triggering concerns that malicious actors had managed to infiltrate the site. In a swift response, CoinMarketCap announced within three hours that the harmful script had been eradicated and that a thorough investigation of their security measures was underway.<\/p>\n

<\/span>Fraudulent Popup Exposes Vulnerability<\/strong><\/span><\/h2>\n

In a communication shared via their official account on social media, CoinMarketCap clarified that the popup was not part of any regular update. User reports indicated that the alert prompted visitors to connect their wallets and approve transactions involving ERC\u201120 tokens. Such manipulative prompts can lead to wallet theft<\/strong> or unauthorized transfers if unsuspecting users comply. The platform advised users to refrain from connecting their wallets until the situation had been thoroughly addressed.<\/p>\n

\n

Update: We have identified the malware and taken it off our site.<\/p>\n

Our team is actively probing further and enhancing our security protocols.<\/p>\n

\u2014 CoinMarketCap (@CoinMarketCap) June 21, 2025<\/a><\/p>\n<\/blockquote>\n

<\/span>Crypto Wallet Extensions Respond<\/strong><\/span><\/h2>\n

MetaMask<\/a> and Phantom, two widely-used crypto wallet extensions, promptly flagged the affected page as untrustworthy. Immediate alerts displayed warnings that the site was \u201cunsafe to use,\u201d likely preventing many users from succumbing to the deceit. Both wallet extensions perform routine checks for suspicious code, an essential feature that contributed to minimizing risk.<\/p>\n

<\/p>\n

Potential Risk to User Accounts<\/strong><\/p>\n

Reports from the cryptocurrency community revealed that the popup sought approvals that could allow malicious actors to gain control over assets stored in users’ wallets. Phishing scams<\/a> like this thrive on victim manipulation, enticing them to provide sensitive information or unwittingly authorize transactions. CoinMarketCap’s prompt action contained the threat, but it highlights a broader concern about the security of even reputable platforms.<\/p>\n


\nHistory of Security Issues<\/strong><\/p>\n

This incident marks another chapter in CoinMarketCap\u2019s history of security concerns. In October 2021, a significant breach led to the theft of over 3 million email addresses, which later surfaced on various hacking forums, raising alarm within the community. As security threats evolve, the injection of harmful code signifies an unsettling shift in tactics employed by cybercriminals.<\/p>\n

\"\"<\/p>\n

Demands for Robust Security Measures<\/strong><\/p>\n

CoinMarketCap has committed to further investigations and enhancements of its security protocols. While a detailed timeline for the ongoing audit has not been shared, users are encouraged to remain vigilant for updates across various communication platforms. Security experts recommend implementing measures like multi-factor authentication for code changes and conducting frequent scans to identify injected scripts to mitigate vulnerabilities.<\/p>\n

Safety Tips for Cryptocurrency Users<\/strong><\/p>\n

Experts advise that users should approach unexpected \u201cconnect wallet\u201d prompts with a high level of caution, even from trusted platforms. Utilizing hardware wallets or browser extensions that transparently display requested permissions can alert users to suspicious activities. Keeping both browser and wallet applications updated is equally critical. In the fast-evolving realm of cryptocurrency, maintaining personal vigilance is one of the most effective protective strategies.<\/p>\n

Image source from Bleeping Computer, with data from TradingView<\/em><\/p>\n