CoinMarketCap faced a brief but impactful security breach on June 20, exposing users to a fraudulent wallet verification pop-up that threatened crypto wallet safety.
The incident was traced back to malicious JavaScript embedded via a doodle image on the platform’s homepage, highlighting vulnerabilities in third-party content integrations.
COINOTAG sources emphasize the importance of user vigilance, with CoinMarketCap urging users not to connect wallets during the breach and reassuring that no losses occurred.
CoinMarketCap’s June 20 security breach exposed users to fake wallet verification pop-ups via malicious JavaScript, underscoring crypto platform vulnerabilities and user caution.
‘,
‘
🚀 Advanced Trading Tools Await You!
Maximize your potential. Join now and start trading!
‘,
‘
📈 Professional Trading Platform
Leverage advanced tools and a wide range of coins to boost your investments. Sign up now!
‘
];
var adplace = document.getElementById(“ads-bitget”);
if (adplace) {
var sessperindex = parseInt(sessionStorage.getItem(“adsindexBitget”));
var adsindex = isNaN(sessperindex) ? Math.floor(Math.random() * adscodesBitget.length) : sessperindex;
adplace.innerHTML = adscodesBitget[adsindex];
sessperindex = adsindex === adscodesBitget.length – 1 ? 0 : adsindex + 1;
sessionStorage.setItem(“adsindexBitget”, sessperindex);
}
})();
On June 20, 2025, CoinMarketCap experienced a security incident that briefly compromised its homepage interface by displaying a deceptive pop-up prompting users to verify their crypto wallets. This pop-up, which mimicked legitimate site functionality, was the result of malicious JavaScript code injected through a seemingly innocuous doodle image embedded on the homepage. The data aggregator swiftly alerted users, warning them not to connect their wallets to the suspicious prompt.
Investigations revealed that the malicious code originated from a compromised third-party service, likely an ad network, which injected unauthorized scripts into CoinMarketCap’s content delivery system. The breach was not due to internal infrastructure vulnerabilities but rather external dependencies used to serve dynamic content. CoinMarketCap promptly removed all affected scripts and implemented enhanced security measures to prevent recurrence.
‘
];
var adplace = document.getElementById(“ads-binance”);
if (adplace) {
var sessperindex = parseInt(sessionStorage.getItem(“adsindexBinance”));
var adsindex = isNaN(sessperindex) ? Math.floor(Math.random() * adscodesBinance.length) : sessperindex;
adplace.innerHTML = adscodesBinance[adsindex];
sessperindex = adsindex === adscodesBinance.length – 1 ? 0 : adsindex + 1;
sessionStorage.setItem(“adsindexBinance”, sessperindex);
}
})();
Source: https://en.coinotag.com/coinmarketcap-faces-possible-security-vulnerability-after-malicious-wallet-verification-pop-up-incident/