CoinMarketCap has reportedly identified and removed a malicious code that targeted users to withdraw their crypto wallets.
CoinMarketCap users were recently targeted by scammers who took advantage of a vulnerability on the popular crypto price tracking website.
According to the latest reports, the platform has swiftly removed a malicious pop-up from its website and is conducting a thorough investigation into the incident.
CoinMarketCap Removes Malicious Code After Security Hack
In an earlier warning, CoinMarketCap warned its users about a malicious pop-up notification that tried to trick them into verifying their crypto wallets. "
We are aware that a malicious pop-up prompting users to "Verify Wallet" appeared on our site. Do not connect your wallet," the platform wrote in an X post.
In a subsequent post, CoinMarketCap confirmed that they had identified and removed the malicious code. The update was provided within three hours of the platform's public acknowledgment of the malicious notification. read the message,
Update: We’ve identified and removed the malicious code from our site. Our team is continuing to investigate and taking steps to strengthen our security.
According to Coinspect Security, the backend API of CoinMarketCap, a blockchain security firm, was compromised, serving manipulation of JSON payloads that injected malicious JavaScript through its 'Doodles' feature. The firm quoted, “Yes, the CoinMarketCap drainer is filled with a “doodle” JSON file.
It is noteworthy that this incident comes after another high-profile hack that resulted in the loss of at least $100 million in crypto.
Reported, Iranian exchange Nobitex was breached by Israeli attackers as part of the Iran-Israel war.
Last month, prominent crypto exchange Coinbase also suffered a security breach. Earlier, Crypto Price Tracker was hacked in October 2021. As a result, approximately 3.1 million email addresses of CoinMarketCap users were compromised.
Users and platforms sound the alarm.
The CoinMarketCap hack was initially discovered by community members and platforms such as MetaMask and Phantom. A user named JetOnX shared a post, citing, "Both Metamask and Phantom have red flagged this!"
While Metamask provided a warning that the website appeared to be malicious, Phantom revealed, "coinmarket.com is blocked." Both platforms consider CoinMarketCap "unsafe" to use at this time.
Meanwhile, many users on X suspect that the pop-up was a phishing attempt, a common crypto scam where hackers trick victims into revealing personal data or private keys.
Crypto sleuth Jameson Lopp shed light on the security issue, adding that hackers intend to wipe out users' crypto wallets.
Another user, Uri, reported that the notification prompted users to link their wallets and subsequently request approval for ERC-20 tokens. Other users have also warned against the CoinMarketCap hack, warning, "Do not verify wallet."
#CoinMarketCap #HackerAlert #wallet🔥 #CryptoNewss #Market_Update