CoinMarketCap's front-end compromised, investigation underway

Bitget App

Trade smarter

Bitget

News

Cryptobriefing2025/06/21 09:08

By:Cryptobriefing

Key Takeaways

CoinMarketCap's front end was compromised, displaying unauthorized wallet verification pop-ups to users.
The breach exploited a backend API vulnerability linked to the platform's doodles feature, prompting an ongoing investigation.

Share this article

CoinMarketCap’s front end was compromised on June 20, with its webpage displaying unauthorized pop-up messages asking visitors to verify their crypto wallets. The malicious pop-up was first flagged by several crypto community members.

The platform’s team confirmed the incident and warned users against connecting their wallets while they investigate and work to resolve the issue.

Blockchain security service provider Coinspect Security has uncovered that CoinMarketCap’s backend API is delivering manipulated JSON payloads designed to inject malicious JavaScript through its rotating “doodles” feature.

Also today, Crypto Briefing noticed signs of a similar security incident on another popular crypto website.

CoinMarketCap's front-end compromised, investigation underway image 1

CoinMarketCap's front-end compromised, investigation underway image 2

The webpage displayed a pop-up claiming an “exclusive airdrop” opportunity, which was distinct from the CoinMarketCap incident but similarly prompted visitors to connect their wallets through claiming the airdrop.

Crypto Briefing was unable to confirm whether the site’s front-end was compromised, given that the suspicious behavior appeared to last only around five minutes. The site quickly returned to normal, and the pop-up was no longer visible.

The breach follows a cybersecurity report from Cybernews revealing 16 billion exposed passwords in one of the largest data breaches in history, affecting access to major platforms including Facebook, Google, and Apple.

Experts recommend that users update passwords for all major accounts, especially those connected to sensitive services such as work platforms. Users are strongly advised to use a password manager to generate strong, unique passwords for each account.

Extra security measures, including enabling two-factor authentication (2FA) and closely monitoring accounts, should also be considered.

Share this article

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!