As an analyst with over a decade of experience in cybersecurity, I have seen my fair share of supply chain attacks and their devastating consequences. The recent compromise of several online crypto apps through a popular animation library is yet another stark reminder of why we must remain vigilant in our digital world.
On October 30, several cryptocurrency application websites were breached after attackers inserted malicious code into an update of a widely used animation library.
The decentralized finance applications 1inch and TEN Finance displayed prompts asking users to connect their wallets. According to an announcement by crypto security platform Blockaid on October 30th, these prompts were allegedly a front for the malicious actor known as “Ace Drainer.”
Gal Nagli, a security lead at cybersecurity firm Wiz, explained that the compromise stemmed from a widespread attack on the Lottie Player library, a widely used animation library for websites and applications whose users include tech giants such as Apple, Spotify, and Disney.
The attack is notable in that it injected a malicious popup into a website that was otherwise unaffected. More commonly, attackers hijack widely followed social media accounts to lure followers into clicking phishing links on fake websites.
Jawish Hameed, Vice President of Engineering at LottieFiles (the company responsible for the animation library), posted on GitHub that the affected library versions have been removed and strongly recommended that users update to the latest version.
He said that attackers compromised the GitHub account of a LottieFiles senior software engineer and pushed three malicious updates within three hours, adding that the company had “removed the compromised account access.”
According to Wiz’s Nagli, users have encountered a warning for malicious cryptocurrency wallet connections on various well-known sites scattered throughout the web.
He pointed out that the attack appears to have been aimed primarily at major cryptocurrency sites that rely on this particular library.
Nagli warned that websites that still use the affected library versions “are probably still vulnerable,” saying users should check if sites are using the non-malicious packages — either version 2.0.4 or the latest 2.0.8.
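A defender-side check for the advice above, as an added example (not code from the article, Wiz or LottieFiles): it scans a page's HTML for script tags that load the library from a CDN and flags any include whose version is not on the known-good list (2.0.4 or 2.0.8), including unpinned includes that float to whatever version is current. The npm package name @lottiefiles/lottie-player and the `package@version` CDN URL layout are assumptions; the sample HTML is constructed.

```python
import re
from typing import List, Tuple

# Versions the article reports as non-malicious (per Nagli of Wiz): 2.0.4 and 2.0.8.
# Anything else is flagged for review rather than asserted to be malicious.
KNOWN_GOOD = {"2.0.4", "2.0.8"}

# Assumed CDN layout: .../@lottiefiles/lottie-player@<version>/... (unpkg/jsDelivr style).
# The version suffix is optional so that unpinned references are also caught.
_SCRIPT_SRC = re.compile(r'<script[^>]+src=["\']([^"\']+)["\']', re.IGNORECASE)
_LOTTIE_REF = re.compile(r'@lottiefiles/lottie-player(?:@([0-9]+\.[0-9]+\.[0-9]+))?')


def find_lottie_scripts(html: str) -> List[Tuple[str, str]]:
    """Return (src, version) for every script that loads lottie-player; 'unpinned' if no version."""
    hits = []
    for src in _SCRIPT_SRC.findall(html):
        m = _LOTTIE_REF.search(src)
        if m:
            hits.append((src, m.group(1) or "unpinned"))
    return hits


def assess(html: str) -> List[dict]:
    """Classify each lottie-player include as known-good or needing review."""
    findings = []
    for src, version in find_lottie_scripts(html):
        status = "known-good" if version in KNOWN_GOOD else "review"
        findings.append({"src": src, "version": version, "status": status})
    return findings


# Constructed sample page (not a real site): one include pinned to a version outside the
# known-good list, one unpinned include, one known-good include, and one unrelated script.
SAMPLE_HTML = """
<html><head>
<script src="https://unpkg.com/@lottiefiles/lottie-player@2.0.7/dist/lottie-player.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@lottiefiles/lottie-player/dist/lottie-player.js"></script>
<script src='https://unpkg.com/@lottiefiles/lottie-player@2.0.8/dist/lottie-player.js'></script>
<script src="https://example.invalid/app.js"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    for f in assess(SAMPLE_HTML):
        print(f"{f['status']:<10} {f['version']:<9} {f['src']}")
```

Run it against saved HTML of your own sites (or a package-lock, with the same regex) to confirm every include resolves to a known-good version.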
LottieFiles did not immediately respond to a request for comment.
2024-10-31 05:21