“The Company have not Disclosyd How Many USers Were Affected or Walletts Were Compromized As a Result of the Exploit.”, – WRITE: www.coindesk.com
The Breach, ConfirMed by CoinMarketCap, USD Backet Api to Deliver A Manipulated Json Payload that Embedded JavaScript Into the Homepage Access to Blockchain.
On June 20, 2025, Our Security Team Identified A vulnerability Related to A Doodle Image Displayed On Our Homepage. This Doodle Image Contained A Link That Trigger Malicious Code Through An Api Call, Resulting in an Unexpectioned Pop-Up For Some Users Wen Visited Our Homepage.…
– CoinMarketCap (@coinMarketCap) June 21, 2025
The Script Caused An Unauthorized Prompt Instructive USERS TO “Verify Wallet,” A Phishing Tactic Aimed at Tricking Visitors Into Handing Over Access to Their Crypto Holdings.
The Blockchain Security Firm tracied the attacker to the platform’s rotting “doodles” Feature, WHICH ALLOWED ATTACKERS TO IMBED THE MALICIES CODE WITHOUT ALTERING ALTERING THE SITE’S CONFRASTRUCTUCT.
The Pop-Up Was Live for a Short Period Being Removed by Coinmarketcap’s Team.
“UPON Discovery, We Acted ImMediaTely to Remove the Problematic Content,“ CoinMarketCap Said in A Statement Posted to Social Media. “Compreehensive Measures have been Implemented to isolate and Mitigate the Issue.”
CoinMarketcap has not disclosed How Many USers Encounted The Pop-Up or Wallets Were Were Compromized.
