⚠️ June 20 CoinMarketCap Hack: What Really Happened and Is It Safe Now?
On June 20, CoinMarketCap (CMC) reportedly experienced a security breach. Several sources confirmed that a harmful pop-up appeared on the site, prompting visitors to "Verify Wallet"—a clear phishing attempt to steal users' seed phrases. Decentra also reported that CMC’s front-end was hijacked, and the pop-up was designed to trick users into revealing sensitive wallet information.
Security researcher Vladimir S. shared proof of the attack, noting that the Phantom Wallet Chrome extension blocked the site, labeling it unsafe based on a known phishing and scam database. While Phantom allowed users to proceed at their own risk, it advised caution until the threat was fully resolved.
On June 21, CMC publicly clarified that a vulnerability in a doodle image on the site led to the malicious code being executed. They assured that the flaw was fixed, all systems are secure, and the platform is now safe to use.
Grok also confirmed that this was a front-end compromise involving the pop-up phishing scam.