CoinMarketCap Suffers Security Breach, Warns of Phishing Risk

In a recent incident, CoinMarketCap experienced a front-end security breach on June 20, 2025. Unauthorized pop-up prompts aimed to deceive users into “verifying wallets,” highlighting significant phishing risks.

CoinMarketCap’s breach underscores vulnerabilities in cryptocurrency data platforms, affecting user trust. Quick response minimizes immediate financial harm, though vigilance is crucial.

The incident involved CoinMarketCap’s platform , where a security breach allowed malicious pop-ups to target users. The pop-ups, discovered on June 20, 2025, urged users to “Verify Wallet” to steal assets from wallet connections. The CoinMarketCap team quickly issued warnings via their official X account, advising users to avoid interacting with the phishing prompts.

“We’re aware that a malicious pop-up prompting users to ‘Verify Wallet’ has appeared on our site. Do NOT connect your wallet. Our team is actively investigating and working to resolve the issue.” — CoinMarketCap Official, Social Media Team

Security researchers found the intrusion linked to the manipulation of backend API data through the “doodles” feature, resulting in the injection of malicious JavaScript. The absence of direct comments from CMC’s top executives did not diminish user and developer vigilance on platforms like X. While quick alerts helped prevent large-scale fund losses, the breach remains concerning.

Immediate effects were focused on preventing wallet access approval, especially for Ethereum-based ERC-20 tokens. Community warnings and alerts from wallet extensions like MetaMask and Phantom helped avert potential asset losses. ERC-20 tokens were at risk due to the phishing tactic, which echoes past phishing attacks targeting similar platforms.

Market reactions were muted as the prompt nature of alerts helped contain potential thefts. However, the event amplified discussions on security and the need for advanced protection measures. Historical precedents show similarities to previous attacks on Web3 platforms and stress the importance of robust security strategies.

As responses continue to focus on reinforcing platform security, CoinMarketCap and users are advised to remain vigilant for further developments. Trends point toward increased demand for security measures on cryptocurrency data platforms to safeguard against technological and financial vulnerabilities.