CoinMarketCap, a price-tracking website for cryptocurrencies, has reportedly removed a malicious popup notification on its website prompting users to verify their cryptocurrency wallets, according to a post on its official X account.
“We’ve identified and removed the malicious code from our site,” CoinMarketCap said in a post on Friday.
CoinMarketCap has not finished investigating the issue
“Our team is continuing to investigate and taking steps to strengthen our security,” it added.
The update came less than three hours after CoinMarketCap publicly addressed the malicious notification amid rumors and speculation spreading on social media.
“We’re aware that a malicious popup prompting users to “Verify Wallet” has appeared on our site,” CoinMarketCap said at the time.
Many crypto users on X said the malicious popup appeared to be a phishing scam, a crypto scam that involves tricking victims into giving up their private keys or personal information. Hackers often hijack trusted accounts or create fake ones to post phishing links that appear to be legitimate.
Crypto user Auri said the notification “asks to connect wallet and then asks for approvals to ERC-20 tokens.”
CoinMarketCap warned users not to connect their wallet and reiterated that they were working on “resolving the issue.”
MetaMask and Phantom quickly spotted the issue
Crypto user Jet claimed that MetaMask and Phantom had “red-flagged it.”
Related: Crypto VC partner loses ‘life savings’ during fake Zoom call
At the time of publication, users with a Phantom wallet browser extension are shown a warning that the website is “unsafe to use,” according to further investigation by Cointelegraph.
The incident occurred nearly four years after CoinMarketCap was hacked in October 2021, resulting in the leak of over 3.1 million (3,117,548) user email addresses.
The information came to light after the hacked email addresses were found to be traded and sold online on various hacking forums and revealed by Have I Been Pwned, a website dedicated to tracking hacks and compromised online accounts.
Magazine: Arthur Hayes doesn’t care when his Bitcoin predictions are totally wrong
