Now Reading: CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message
-
01
CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message
[ad_1]
Hackers exploited a vulnerability in CoinMarketCap’s front-end system, utilizing a seemingly innocent doodle picture to inject malicious code that triggered faux pockets verification pop-ups throughout the location.
The breach, confirmed by CoinMarketCap, used its backend API to ship a manipulated JSON payload that embedded JavaScript into the homepage based on blockchain safety agency Coinspect Security.
On June 20, 2025, our safety crew recognized a vulnerability associated to a doodle picture displayed on our homepage. This doodle picture contained a hyperlink that triggered malicious code by means of an API name, leading to an sudden pop-up for some customers when visited our homepage.…
— CoinMarketCap (@CoinMarketCap) June 21, 2025
The script brought on an unauthorized immediate instructing customers to “Verify Wallet,” a phishing tactic aimed toward tricking guests into handing over entry to their crypto holdings.
The blockchain safety agency traced the assault to the platform’s rotating “doodles” function, which allowed attackers to embed the malicious code with out altering the location’s core infrastructure.
The pop-up was reside for a brief interval earlier than being eliminated by CoinMarketCap’s crew.
“Upon discovery, we acted immediately to remove the problematic content,” CoinMarketCap mentioned in a press release posted to social media. “Comprehensive measures have been implemented to isolate and mitigate the issue.”
CoinMarketCap has not disclosed what number of customers encountered the pop-up or whether or not any wallets had been compromised.
[ad_2]
