BREAKING: CoinMarketCap Front-End Hack Exposes Users to Malicious JavaScript Injection

Crypto's favorite price-tracking site just got a dangerous upgrade—courtesy of hackers.

CoinMarketCap users were hit with a front-end breach today, injecting malicious JavaScript into the platform. No 'rug pull' needed—attackers went straight for the jugular by compromising the user interface itself.

How it happened: The breach bypassed standard security protocols, delivering payloads directly to unsuspecting traders checking portfolio values. Classic 'supply chain attack' meets decentralized finance.

Why it matters: Front-end breaches are the crypto equivalent of a bank leaving its vault door open—while posting a neon 'WE'RE SECURE' sign. Ironically, the exploit targeted a platform trusted for transparency in an industry built on 'trustless' systems.

Silver lining? At least the hackers didn't manipulate coin rankings this time—though with half the 'top 10' projects being vaporware anyway, would anyone notice?

BitoPro confirms $11M crypto theft by Lazarus Group

In other related news, Taiwanese cryptocurrency exchange BitoPro confirmed a breach resulting in the theft of approximately $11 million in digital assets. The company linked the attack to the North Korean state-backed hacking group Lazarus. 

According to an X thread published on June 19, it cited similarities to previous incidents involving illicit international fund transfers and unauthorized access to crypto exchanges.

The breach occurred on May 8, 2025, during a routine hot wallet system update. Attackers exploited an employee device to bypass multi-factor authentication using stolen AWS session tokens. Malware implanted via a social engineering attack enabled the hackers to execute commands, inject scripts into the wallet system, and simulate legitimate activity while siphoning funds.

Assets were drained across multiple blockchains, including Ethereum, Solana, Polygon, and Tron, and laundered through decentralized exchanges and mixers such as Tornado Cash, Wasabi Wallet, and ThorChain. 

Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now