Vulnerability cyber

CoinMarketCap

Jun 23, 2025 1 min read
CoinMarketCap

CoinMarketCap, a popular cryptocurrency price tracking site, experienced a website supply chain attack that exposed visitors to a wallet drainer campaign. The attack, which occurred on January 20, exploited a vulnerability in the site's homepage 'doodle' image to inject malicious JavaScript, resulting in Web3 popups that drained cryptocurrency from connected wallets. The attack affected 110 victims, resulting in a loss of $43,266. The company confirmed the issue and implemented measures to mitigate the problem.

Source: https://www.bleepingcomputer.com/news/security/coinmarketcap-briefly-hacked-to-drain-crypto-wallets-via-fake-web3-popup/

TPRM report: https://scoringcyber.rankiteo.com/company/coinmarketcap

"id": "coi001062325",
"linkid": "coinmarketcap",
"type": "Vulnerability",
"date": "6/2025",
"severity": "50",
"impact": "",
"explanation": "Attack limited on finance or reputation: Attack on credit cards"
{'affected_entities': [{'customers_affected': '110',
                        'industry': 'Cryptocurrency',
                        'name': 'CoinMarketCap',
                        'type': 'Business'}],
 'attack_vector': "Vulnerability in homepage 'doodle' image",
 'date_detected': '2025-06-20',
 'description': 'CoinMarketCap, the popular cryptocurrency price tracking '
                'site, suffered a website supply chain attack that exposed '
                "site visitors to a wallet drainer campaign to steal visitors' "
                'crypto.',
 'impact': {'financial_loss': '$43,266',
            'systems_affected': 'CoinMarketCap Website'},
 'initial_access_broker': {'entry_point': 'API call used to retrieve doodle '
                                          'image'},
 'lessons_learned': 'Supply chain attacks are hard to detect because they '
                    'exploit trusted elements of a platform.',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'corrective_actions': 'Removed problematic '
                                                  'content, implemented '
                                                  'comprehensive measures',
                            'root_causes': "Vulnerability in the site's "
                                           'homepage doodle image'},
 'references': [{'source': 'Rey'}],
 'response': {'communication_strategy': 'Statement posted on X',
              'containment_measures': 'Removed problematic content, identified '
                                      'root cause, implemented comprehensive '
                                      'measures',
              'incident_response_plan_activated': 'Yes',
              'recovery_measures': 'All systems are now fully operational'},
 'threat_actor': 'Unknown',
 'title': 'CoinMarketCap Website Supply Chain Attack',
 'type': 'Supply Chain Attack',
 'vulnerability_exploited': 'Malicious JavaScript injection through API call'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Apache

public 1 min read
A significant security vulnerability (CVE-2025-32896) was disclosed in Apache SeaTunnel, a widely used distributed data integration platform. This flaw allows…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.