Lottie Player Exploit Breaches Crypto Wallet Security, DeFi Apps at Risk
- Hackers exploit Lottie Player, compromising wallets on trusted DeFi sites like 1inch. Avoid connecting wallets until secure.
- Updated Lottie Player 2.0.8 cleans the exploit; wallet holders should revoke permissions if linked to affected sites.
- Attackers used Ace Drainer to hijack wallets. Users should stay cautious with permissions and only connect when needed.
A severe vulnerability in the Lottie Player JavaScript library has compromised numerous websites, including DeFi giant 1inch. The exploit, discovered on October 30, enables attackers to initiate harmful wallet connections, exposing users to potential losses.
The hack prompts connection requests from popular wallets like MetaMask, WalletConnect, and others. Consequently, users are warned to avoid connecting wallets on suspicious sites until the threat subsides.
Unpacking the Lottie Player Breach
The exploit affected Lottie Player versions 2.0.5 and above, distributing malware-laced popups urging users to connect wallets to fraudulent sites . These malicious popups redirected users to Ace Drainer, a crypto-draining tool specifically designed to empty wallets.
Unlike past phishing scams that depended on external links, this attack directly infiltrated trusted applications. Major platforms, including TryHackMe, experienced these popups, though they mitigated the risk by reverting to an older version of Lottie Player.
Additionally, LottieFiles reported that compromised versions of NPM were released using a developer’s hijacked access credentials. These versions, embedded with malware, allowed attackers to redirect users to crypto-draining services. Wallet owners who engaged with the hacked links now face potential losses, especially if they fail to revoke permissions.
Swift Response and Updates from LottieFiles
In response, LottieFiles released a clean version, 2.0.8, and unpublished compromised versions. Jawish Hameed, VP of Engineering at LottieFiles, confirmed these infected files had been removed from GitHub.
Read CRYPTONEWSLAND on google newsThe company has since revoked all developer tokens and engaged cybersecurity experts for an ongoing investigation. Importantly, LottieFiles clarified that other resources, like its SaaS services and GitHub libraries, remain unaffected.
Besides containing the breach, LottieFiles advised users to update to secure versions (either 2.0.4 or the latest 2.0.8) immediately. Many site owners responded by deleting compromised scripts, ensuring they do not prompt wallet connections.
Increasing Caution Amid Crypto Bull Market
This breach highlights rising security concerns as the next crypto bull market gains momentum. Wallet security, especially avoiding automatic connection requests , remains critical for users. Blockchain monitoring tool Scam Sniffer documented a $723,000 Bitcoin loss, emphasizing the exploit’s high stakes.
Staying vigilant and adopting minimal permissions for crypto wallets is advised to reduce exposure to future threats. As investigations continue, LottieFiles is expected to release further updates on the breach.
disclaimer read moreCrypto News Land, also abbreviated as "CNL", is an independent media entity - we are not affiliated with any company in the blockchain and cryptocurrency industry. We aim to provide fresh and relevant content that will help build up the crypto space since we believe in its potential to impact the world for the better. All of our news sources are credible and accurate as we know it, although we do not make any warranty as to the validity of their statements as well as their motive behind it. While we make sure to double-check the veracity of information from our sources, we do not make any assurances as to the timeliness and completeness of any information in our website as provided by our sources. Moreover, we disclaim any information on our website as investment or financial advice. We encourage all visitors to do your own research and consult with an expert in the relevant subject before making any investment or trading decision.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
What is altcoin season and why can these 5 coins grow 5x?
Polymarket platform is now unavailable for users in France
Sui Foundation Partners with Asset Manager Franklin Templeton
Cardano Jumps 215% After Major Breakout and Sets Sights on Higher Targets