- Hackers exploit Lottie Player, compromising wallets on trusted DeFi sites like 1inch. Avoid connecting wallets until secure.
- Updated Lottie Player 2.0.8 cleans the exploit; wallet holders should revoke permissions if linked to affected sites.
- Attackers used Ace Drainer to hijack wallets. Users should stay cautious with permissions and only connect when needed.
A severe vulnerability in the Lottie Player JavaScript library has compromised numerous websites, including DeFi giant 1inch. The exploit, discovered on October 30, enables attackers to initiate harmful wallet connections, exposing users to potential losses.
The hack prompts connection requests from popular wallets like MetaMask, WalletConnect, and others. Consequently, users are warned to avoid connecting wallets on suspicious sites until the threat subsides.
Unpacking the Lottie Player Breach
The exploit affected Lottie Player versions 2.0.5 and above, distributing malware-laced popups urging users to connect wallets to fraudulent sites. These malicious popups redirected users to Ace Drainer, a crypto-draining tool specifically designed to empty wallets.
Unlike past phishing scams that depended on external links, this attack directly infiltrated trusted applications. Major platforms, including TryHackMe, experienced these popups, though they mitigated the risk by reverting to an older version of Lottie Player.
Additionally, LottieFiles reported that the compromised versions were published to NPM using a developer’s hijacked access credentials. These versions, embedded with malware, allowed attackers to redirect users to crypto-draining services. Wallet owners who engaged with the hacked links now face potential losses, especially if they fail to revoke permissions.
Swift Response and Updates from LottieFiles
In response, LottieFiles released a clean version, 2.0.8, and unpublished compromised versions. Jawish Hameed, VP of Engineering at LottieFiles, confirmed these infected files had been removed from GitHub.
The company has since revoked all developer tokens and engaged cybersecurity experts for an ongoing investigation. Importantly, LottieFiles clarified that other resources, like its SaaS services and GitHub libraries, remain unaffected.
Besides containing the breach, LottieFiles advised users to update to secure versions (either 2.0.4 or the latest 2.0.8) immediately. Many site owners responded by deleting compromised scripts, ensuring they do not prompt wallet connections.
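Site owners following that advice first need to know which release their pages actually load. The check below is an added example, not code from LottieFiles or the original article: it flags lockfile entries and script tags that resolve to the reported range (2.0.5 up to, but not including, the clean 2.0.8) or that are not pinned to an exact version. The package name `@lottiefiles/lottie-player`, the `cdn.example` host and the sample inputs are assumptions constructed for illustration.

```javascript
// Assumed package name: "@lottiefiles/lottie-player". Version bounds come from the article.
const PKG = "@lottiefiles/lottie-player";
const FIRST_BAD = [2, 0, 5];   // "versions 2.0.5 and above"
const FIRST_CLEAN = [2, 0, 8]; // clean release named in the article

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  return m ? m.slice(1).map(Number) : null; // null for ranges, tags, or a missing version
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Returns "affected", "ok", or "unpinned" (a tag or range can resolve to any release).
function classify(version) {
  const v = parseVersion(version || "");
  if (!v) return "unpinned";
  return cmp(v, FIRST_BAD) >= 0 && cmp(v, FIRST_CLEAN) < 0 ? "affected" : "ok";
}

// Scan a parsed package-lock.json (lockfileVersion 2 or 3 "packages" map), nested copies included.
function scanLockfile(lock) {
  return Object.entries(lock.packages || {})
    .filter(([path]) => path.endsWith("node_modules/" + PKG))
    .map(([path, meta]) => ({ where: path, version: meta.version, status: classify(meta.version) }));
}

// Scan HTML for <script src> URLs that load the package from a CDN-style path.
function scanHtml(html) {
  const re = /<script[^>]+src=["']([^"']*@lottiefiles\/lottie-player(?:@([^\/"']+))?[^"']*)["']/gi;
  return [...html.matchAll(re)].map((m) => ({ where: m[1], version: m[2] || null, status: classify(m[2]) }));
}

// Constructed sample inputs, not taken from any real site.
const SAMPLE_LOCK = { packages: {
  "node_modules/@lottiefiles/lottie-player": { version: "2.0.7" },
  "node_modules/widget/node_modules/@lottiefiles/lottie-player": { version: "2.0.4" },
} };
const SAMPLE_HTML = `
<script src="https://cdn.example/@lottiefiles/lottie-player@latest/dist/lottie-player.js"></script>
<script src="https://cdn.example/@lottiefiles/lottie-player@2.0.8/dist/lottie-player.js"></script>`;

console.log(scanLockfile(SAMPLE_LOCK), scanHtml(SAMPLE_HTML));
```

An "unpinned" result deserves the same attention as "affected": a script tag that follows a floating tag picks up whatever release is published next, which is how a trusted page can start serving a malicious build without any change on the site itself.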
Increasing Caution Amid Crypto Bull Market
This breach highlights rising security concerns as the next crypto bull market gains momentum. Wallet security, especially avoiding automatic connection requests, remains critical for users. Blockchain monitoring tool Scam Sniffer documented a $723,000 Bitcoin loss, emphasizing the exploit’s high stakes.
Staying vigilant and adopting minimal permissions for crypto wallets is advised to reduce exposure to future threats. As investigations continue, LottieFiles is expected to release further updates on the breach.
The post Lottie Player Exploit Breaches Crypto Wallet Security, DeFi Apps at Risk appeared first on Crypto News Land.