Hackers exploited a vulnerability in CoinMarketCap's front-end system, using an apparently harmless doodle image to inject malicious code that triggered fake wallet-verification pop-ups throughout the site.
The breach, confirmed by CoinMarketCap, used its backend API to deliver a manipulated JSON payload that embedded JavaScript on the home page, according to the blockchain security firm Coinspect Security.
On June 20, 2025, our security team identified a vulnerability related to a doodle image shown on our home page. This doodle image contained a link that activated the malicious code through an API call, which resulted in an unexpected pop-up for some users when our home page was visited …
– CoinMarketCap (@coinmarketcap) June 21, 2025
The script displayed an unauthorized prompt that instructed users to “verify the wallet”, a phishing tactic aimed at tricking visitors into handing over access to their crypto assets.
The blockchain security firm traced the attack to the site's rotating “doodles” feature.
The pop-up was live for a short period before being removed by the CoinMarketCap team.
“After the discovery, we immediately acted to eliminate the problematic content,” said CoinMarketCap in a statement published on social networks. “Comprehensive measures have been implemented to isolate and mitigate the problem.”
CoinMarketCap has not disclosed how many users encountered the pop-up or whether any wallets were compromised.