Security News > 2024 > October > Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups
A supply chain compromise involving Lottie Player, a widely used web component for playing site and app animations, has made popular decentralized finance apps show pop-ups urging users to connect their wallets, TradingView has reported. The pop-up (Source: Lottie Player GitHub repository) Users who did it – and it seems that there was at least one victim – had their wallets drained. The Lottie Player compromise Website admins began complaining about the pop-up and asking … More → The post Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/31/lottie-player-compromise/
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes (source)
- Now BlueSky hit with crypto scams as it crosses 20 million users (source)
- Solana’s popular web3.js library backdoored in supply chain compromise (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)