A cyber-attack on CoinMarketCap exposed users to a fake Web3 wallet prompt, draining $43,266 from wallets.
A recent cyber-attack on CoinMarketCap, one of the most visited cryptocurrency tracking sites, briefly exposed users to a fake Web3 wallet prompt that stole funds from connected wallets.
The breach was discovered on Friday evening, June 20, and has since been contained. Visitors to the site were shown a popup that mimicked a standard Web3 connection request, urging them to link their crypto wallets.
Once connected, the prompt triggered a wallet-draining script that transferred assets out of users’ accounts.
The source of the vulnerability was traced back to a homepage “doodle” image, which had been compromised through a tampered API call.
CoinMarketCap confirmed the breach in a statement posted to X (formerly Twitter), explaining that attackers had injected malicious JavaScript via a modified JSON payload linked to the doodle image.
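As an added illustration (not CoinMarketCap's code), the sketch below shows one defensive pattern for this class of issue: treating the JSON that describes a homepage doodle as untrusted and checking it against a strict allow-list before any of it reaches the DOM. The field names (`imageUrl`, `linkUrl`, `altText`), the hosts, and the sample payloads are all assumptions constructed for the example; the real payload format is not described in the article.

```javascript
// Added example: field names and hosts are hypothetical, not CoinMarketCap's real schema.
const ALLOWED_KEYS = new Set(["imageUrl", "linkUrl", "altText"]);
const ALLOWED_HOSTS = new Set(["static.example.com", "www.example.com"]);
const IMAGE_EXT = /\.(png|jpe?g|gif|webp)$/i;

// Returns the reason a URL is unacceptable, or null when it passes.
function checkUrl(value, { mustBeImage }) {
  let url;
  try {
    url = new URL(value);
  } catch {
    return "not an absolute URL";
  }
  if (url.protocol !== "https:") return `scheme ${url.protocol} not allowed`;
  if (!ALLOWED_HOSTS.has(url.hostname)) return `host ${url.hostname} not allow-listed`;
  if (url.username || url.password) return "credentials in URL";
  if (mustBeImage && !IMAGE_EXT.test(url.pathname)) return "not a static image path";
  return null;
}

// Validates an untrusted doodle descriptor before any of it is rendered.
function validateDoodlePayload(payload) {
  const errors = [];
  if (payload === null || typeof payload !== "object" || Array.isArray(payload)) {
    return { ok: false, errors: ["payload is not a JSON object"] };
  }
  // Unknown keys are rejected outright: extra fields are where injected script references hide.
  for (const [key, value] of Object.entries(payload)) {
    if (!ALLOWED_KEYS.has(key)) errors.push(`unexpected key: ${key}`);
    else if (typeof value !== "string") errors.push(`${key} must be a string`);
  }
  if (errors.length === 0) {
    const img = checkUrl(payload.imageUrl ?? "", { mustBeImage: true });
    if (img) errors.push(`imageUrl: ${img}`);
    const link = checkUrl(payload.linkUrl ?? "", { mustBeImage: false });
    if (link) errors.push(`linkUrl: ${link}`);
    const alt = payload.altText ?? "";
    if (alt.length > 120 || /[<>]/.test(alt)) errors.push("altText: markup or too long");
  }
  return { ok: errors.length === 0, errors };
}

// Constructed sample payloads (not captured from the incident).
const goodPayload = JSON.parse('{"imageUrl":"https://static.example.com/doodles/summer.png","linkUrl":"https://www.example.com/events","altText":"Summer doodle"}');
const tamperedPayload = JSON.parse('{"imageUrl":"https://static.example.com/doodles/summer.png","linkUrl":"https://www.example.com/events","altText":"Summer doodle","onLoadScript":"https://cdn.attacker.invalid/x.js"}');
```

A validator like this only limits what a tampered payload can express; it complements, rather than replaces, a Content-Security-Policy that restricts script sources.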
Author's summary: CoinMarketCap users lost $43,000 to a fake Web3 wallet prompt.