Key Points
- The crypto platform CoinMarketCap seems to have been hacked on June 20, multiple reports revealed.
- A malicious pop-up asked users to “Verify Wallet”, which was a trap to steal users’ seed phrases.
- On June 21, CMC officially stated that the website is secure and safe to use.
On June 21, multiple reports revealed that the crypto tracker platform CoinMarketCap might have been hacked. When users tried to access the website on June 20, a pop-up appeared saying “Verify Wallet”. This turned out to be a trap to steal users’ phrases.
However, it seems that by now, CMC has resolved the issue.
Here are more details about the current status of CoinMarketCap.
CoinMarketCap Hack
Decentra crypto platform revealed on X in a post on June 21 that CoinMarketCap was hacked and revealed a fake wallet pop-up alert that appeared to users trying to access the platform.
According to Decentra, CMC website was compromised and a malicious pop-up appeared to users asking them to “Verify Wallet” – this is reportedly a trap to steal users’ seed phrase and should be avoided.
CoinMarketCap HACKED – Fake Wallet Pop-Up Alert!
Earlier today, CMC’s website was compromised.
A malicious pop-up asked users to “Verify Wallet” — it was a trap to steal your seed phrase.Always use trusted wallets
Never share your seed phrase
Move funds if you ever interacted… pic.twitter.com/t6LxzTCWv6— Decentra 🌎 (@DecentraPartyC) June 21, 2025
Vladimir S., threat researcher and author, confirmed the hack via X, sharing a print screen of the pop-up:
It looks like !!! @coinmarketcap is hacked…
When you browse, it asks to connect wallet and then asks for ERC20 approvals. Do not approve and use @RevokeCash if you accidentally did! pic.twitter.com/Pd2zF4MeBW
— Vladimir S. | Officer’s Notes (@officer_cia) June 20, 2025
When we tried to access CMC, our Phantom Wallet Chrome extension confirmed the issue with the website, saying that, for the moment, it’s blocked.
Phantom believes that the website is malicious and unsafe to use now. The website was flagged as part of a community-maintained database of known phishing websites and scams.
Phantom also allows users to ignore the message and proceed further, but until the problem is solved, we advise you to remain cautious.
CoinMarketCap Official Statement
In the morning of June 21, CMC shared a message via X, saying thay on June 20, their security team identified a vulnerability related to a doodle image on CMC’s homepage, and they explained how the malicious code resulted in an unexpected pop-up for some users.
CMC confirmed that all systems are now fully operational and the platform is safe and secure to use.
On June 20, 2025, our security team identified a vulnerability related to a doodle image displayed on our homepage. This doodle image contained a link that triggered malicious code through an API call, resulting in an unexpected pop-up for some users when visited our homepage.…
— CoinMarketCap (@CoinMarketCap) June 21, 2025
Phantom and MetaMask flagged CMC as unsafe, and today’s message from Phantom may be a residual flag from June 20.
Important Advice for Users
CMC assured its users that the platform is now safe to use and secure for everyone. They are actively monitoring feedback, and the support team is standing by to ensure all inquiries are promptly addressed.
However, if you still get a warning message from Phantom or you see the pop-up by any chance when you try to access CMC, we advise you to:
- Avoid using CMC until Phantom lifts the warning
- Confirm the site’s safety via other security tools like VirusTotal
- Use alternative platforms like CoinGecko and others
As a conclusion, we remind everyone to remain cautious online and never give your seed phrase to anyone, no matter which platform asks for it. Crypto is a risky ecosystem, and you should remain vigilant.
