CoinMarketCap successfully thwarted a phishing popup attempting to defraud users. The incident was resolved in a remarkably short timeframe.
Malicious Popup on CoinMarketCap
A popup pretending to be a legitimate wallet check appeared on CoinMarketCap, asking users to connect their wallets and approve ERC-20 tokens. This was a textbook phishing attempt. CoinMarketCap quickly confirmed its response on social media, stating that the team continues to investigate the issue while enhancing site security.
Wallet Providers' Response
Wallet providers like MetaMask and Phantom also reacted swiftly to the threat, warning users and advising them to revoke suspicious approvals. Phantom even labeled CoinMarketCap as 'unsafe to use' due to the popup. Users on social media shared screenshots of the phishing prompt encouraging them to connect wallets.
Analysis and User Warnings
Experts believe that the vulnerability arose from the animation engine, allowing attackers to sneak in harmful scripts through seemingly harmless files. Even though the malicious code was limited to the frontend, it is recommended for anyone who connected their wallets during the incident to revoke any token approvals immediately. This is not the first time CoinMarketCap has faced similar issues.
The incident with the phishing popup on CoinMarketCap serves as a reminder for users: always be vigilant and check approvals and requests directly in your wallet.
