Jun 2025 - CoinMarketCap Front-End Compromise Connect Wallet Phishing - $22k (Global)
CoinMarketCap (CMC) is a leading cryptocurrency data website founded in 2013 by Brandon Chez in New York City. Often referred to as the “Home of Crypto,” its mission is to organize global crypto intelligence and make it easily accessible. It provides real‑time pricing, market capitalizations, trading volumes, circulating supply, and detailed historical charts for thousands of digital assets. CMC has also expanded its offerings with features like developer APIs, on‑chain analytics, an educational portal (CMC Academy), a portfolio tracker, and mobile apps for both iOS and Android.
Over time, CoinMarketCap has introduced several industry‑first innovations. In 2019, it launched a liquidity metric to combat fake trading volumes and formed the Data Accountability and Transparency Alliance to improve reporting standards. It also created benchmark crypto indices—such as CMC‑200 and CMC‑200 ex‑BTC—underwritten by Solactive AG, which are now tracked on platforms like Nasdaq and Bloomberg. In August 2022, CMC added its on‑chain explorer, DexScan, and a Telegram price bot. It also later integrated a Fear & Greed Index and ChatGPT plugin, continually enhancing its tools and user experience.
The platform is widely regarded as a trusted and unbiased source of cryptocurrency market data. It is regularly cited in major financial media—such as Forbes, Bloomberg, CNBC, Vice, and The New York Times—and even referenced for research by U.S. government agencies. Purchased by Binance in April 2020, CoinMarketCap continues to operate independently and remains one of the most visited cryptocurrency resources globally, drawing hundreds of millions of users annually via its website, apps, newsletters, and social media channels.
The exploit relied on the high volume of traffic which CoinMarketCap receives and the high degree of trust that many users place on the CoinMarketCap platform.
Many services offer feature where wallets can be connected to the interact with the service, such as the post messages or interact with others. CoinMarketCap has an account feature where users can keep watchlists and post messages. Therefore, the concept of CoinMarketCap requesting a wallet connection wasn't entirely unreasonable, and didn't trigger the concern of users.
Once users connected their wallets, the malicious service would invoke code to drain the wallet.
CoinMarketCap reports that a total of 76 accounts were affected, and losses amounted to $21,624.47 USD.
The malicious wallet draining code remained online for several hours before CoinMarketCap was able to notice and ultimately remove it.
Upon concluding their investigation, CoinMarketCap agreed to compensate all users who were affected by the exploit. They report that "[s]ecurity measures have since been reinforced, and the platform remains fully operational".
CoinMarketCap is reportedly covering all losses for affected users. They provided a support portal for any users who were affected to request reimbursement.
It is unclear how the attack was conducted. CoinMarketCap has released limited information about any vulnerabilities which may have been exploited in conducting the attack.
Further Analysis
In a recent security incident, CoinMarketCap (CMC), a widely trusted cryptocurrency data platform, was exploited through a malicious wallet-draining attack that took advantage of its high traffic and user trust. Users were tricked into connecting their crypto wallets to what appeared to be a legitimate CMC feature—something that didn’t raise immediate suspicion given CMC's existing account tools and messaging capabilities. Once connected, the malicious code drained funds from the wallets. A total of 76 accounts were affected, with combined losses of $21,624.47 USD. The code remained active for several hours before being detected and removed. CoinMarketCap has since reinforced its security, promised full reimbursement to affected users, and launched a support portal for claims, though the exact method of the exploit remains undisclosed.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Hacken $HAI Token Minting Hyperinflation Private Key Breach > > < < TokenVault Old Smart Contract Exploited Similarly To Bankroll
Sources/Further Reading
RealScamSniffer - "CoinMarketCap's frontend has been compromised. Please be cautious." - Twitter/X (Dec 31)
RealScamSniffer - "According to our data, we blocked this threat at approximately 2025-06-20T19:44:11.610Z." - Twitter/X (Dec 31)
CoinMarketCap - "We’re aware that a malicious pop-up prompting users to "Verify Wallet" has appeared on our site. Do NOT connect your wallet. Our team is actively investigating and working to resolve the issue." - Twitter/X (Dec 31)
CoinMarketCap - "Update: We've identified and removed the malicious code from our site. Our team is continuing to investigate and taking steps to strengthen our security." - Twitter/X (Dec 31)
CoinMarketCap - "Our investigation is complete. A total of 76 accounts were affected, with losses amounting to $21,624.47. CoinMarketCap will reimburse the full amount." - Twitter/X (Dec 31)
apoorveth - "CoinMarketCap is Hacked POV: you are getting drained (don't try this at home) " - Twitter/X (Dec 31)
About CoinMarketCap (Dec 31)
CoinMarketCap - Wikipedia (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|