CoinMarketCap traced the source of its front-end vulnerability to a compromised Doodle-themed image, which had been embedded into the site and exploited to trigger the malicious wallet connection prompt.

Claim

Quotes that support claims

CoinMarketCap traced the vulnerability to a doodle image linked to unauthorized JavaScript, which briefly disrupted the site’s interface. It noted: “Our security team identified a vulnerability related to a doodle image displayed on our homepage. This doodle image contained a link that triggered malicious code through an API call, resulting in an unexpected pop-up for some users when visited our homepage.”

Referenced by

Details of the CoinMarketCap attack

Crypto news