CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message
The company has not disclosed how many users were affected or whether any wallets were compromised as a result of the exploit. Hackers exploited a vulnerability in CoinMarketCap's front-end system by using a doodle image to inject malicious code. The code triggered fake wallet verification pop-ups across the site, instructing users to "Verify Wallet" in a phishing tactic to gain access to their crypto holdings. * CoinMarketCap's team removed the pop-up shortly after discovery and has implemented measures to isolate and mitigate the issue. Hackers exploited a vulnerability in CoinMarketCap’s front-end system, using a seemingly harmless doodle image to inject malicious code that triggered fake wallet verification pop-ups across the site. The breach, confirmed by CoinMarketCap, used its backend API to deliver a manipulated JSON payload that embedded JavaScript into the homepage according to blockchain security firm Coinspect Security.