{"id":33000,"date":"2025-06-21T16:01:42","date_gmt":"2025-06-21T16:01:42","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=33000"},"modified":"2025-06-21T16:01:42","modified_gmt":"2025-06-21T16:01:42","slug":"coinmarketcap-briefly-exploited-with-wallet-phishing-pop-up-message","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=33000","title":{"rendered":"CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message"},"content":{"rendered":"<div>\n<p>Hackers exploited a vulnerability in CoinMarketCap\u2019s front-end system, using a seemingly harmless doodle image to inject malicious code that triggered fake wallet verification pop-ups across the site.<\/p>\n<p>The breach, confirmed by CoinMarketCap, used its backend API to deliver a manipulated JSON payload that embedded JavaScript into the homepage according to blockchain security firm <a href=\"https:\/\/x.com\/coinspect\/status\/1936231159320453579\">Coinspect Security<\/a>.<\/p>\n<p>The script caused an unauthorized prompt instructing users to \u201cVerify Wallet,\u201d a phishing tactic aimed at tricking visitors into handing over access to their crypto holdings.<\/p>\n<p>The blockchain security firm <a href=\"https:\/\/x.com\/coinspect\/status\/1936233129460613169\">traced<\/a> the attack to the platform\u2019s rotating \u201cdoodles\u201d feature, which allowed attackers to embed the malicious code without altering the site\u2019s core infrastructure.<\/p>\n<p>The pop-up was live for a short period before being removed by CoinMarketCap\u2019s team.<\/p>\n<p>\u201cUpon discovery, we acted immediately to remove the problematic content,\u201d CoinMarketCap said in a statement posted to social media. \u201cComprehensive measures have been implemented to isolate and mitigate the issue.\u201d<\/p>\n<p>CoinMarketCap has not disclosed how many users encountered the pop-up or whether any wallets were compromised.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Hackers exploited a vulnerability in CoinMarketCap\u2019s front-end system, using a seemingly harmless doodle image to inject malicious code that triggered fake wallet verification pop-ups across the site. The breach, confirmed by CoinMarketCap, used its backend API to deliver a manipulated JSON payload that embedded JavaScript into the homepage according to blockchain security firm Coinspect Security. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-33000","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/33000","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=33000"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/33000\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=33000"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=33000"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=33000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}