Subscribe for notification
Crypto

LottieFiles Warns Users of Crypto Security Threats

LottieFiles disclosed a supply chain compromise that could potentially result in asset theft by enticing users to connect crypto wallets with malicious code

LottieFiles, a platform that facilitates the creation of animations by designers and developers, has issued a warning regarding a security lapse involving its npm package. This breach may expose users to malicious code that is intended to compromise crypto wallets.

LottieFiles announced in an X post on Oct. 31 that the affected versions — Lottie Web Player 2.0.5, 2.0.6, and 2.0.7 — were published on Oct. 30.

This announcement prompted immediate concern after numerous user reports surfaced regarding unusual code injections. LottieFiles responded to the threat by releasing a new version, 2.0.8, which reverted to the secure code.

“A large number of users using the library via third-party CDNs without a pinned version were automatically served the compromised version as the latest release.” – LottieFiles

LottieFiles suggests that end users be informed about the potential fraudulent wallet connection prompts associated with the Lottie-player if they are unable to update. Users may also choose to continue using version 2.0.4 in order to mitigate potential risks.

LottieFiles cautioned that applications that utilize the compromised npm package may inadvertently prompt users to connect their crypto wallets, thereby creating opportunities for larceny.

The firm has confirmed that the developer account associated with the malicious uploads has been deactivated and the associated tokens have been revoked in order to prevent any additional unauthorized activity. However, the complete extent of the attack is still unknown.

Hillary Ondulohi

Hillary is a media creator with a background in mechanical engineering. He leverages his technical expertise to craft informative pieces on protechbro.com, making complex concepts accessible to a wider audience.

Disqus Comments Loading...

Recent Posts

Shiba Inu Lead Hints At TREAT Token Launch

Shytoshi Kusama hints at the launch of the TREAT token, aimed at strengthening Shiba Inu’s ecosystem with trust, governance, and…

1 hour ago

Shiba Inu Burn Rate Soars, Price Target Rises

SHIB's burn rate soared over 4100% today as the crypto market rallied, with leading analysts suggesting a potential Shiba Inu…

2 hours ago

Analysts- Ether Price Could Dip Before 2025 Rally

Analysts predict Ether price could reach a $20,000 cycle top, with momentum building in early 2025. In the upcoming weeks,…

3 hours ago

Elon Musk Wins SEC Lawsuit

Elon Musk scored a significant win against the US SEC as the court rejected the Commission's request to sanction him.…

6 hours ago

Coin Center Warns Of US Crypto Policies Amid Trump Win

Coin Center notes that the Trump administration favors crypto but warns that ongoing cases may pose challenges for investors and…

7 hours ago

OpenAI Funds Research into AI Morality

OpenAI Inc. has awarded a grant to Duke University researchers for a project called "Research AI Morality," according to a…

15 hours ago