Security News > 2024 > October > Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups
A supply chain compromise involving Lottie Player, a widely used web component for playing site and app animations, has made popular decentralized finance apps show pop-ups urging users to connect their wallets, TradingView has reported. The pop-up (Source: Lottie Player GitHub repository) Users who did it – and it seems that there was at least one victim – had their wallets drained. The Lottie Player compromise Website admins began complaining about the pop-up and asking … More → The post Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/31/lottie-player-compromise/
Related news
- Crypto scams rake in $5.6B a year for cyberscum lowlifes, FBI says (source)
- Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign (source)
- Binance claims it helped to bust Chinese crypto scam app in India (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)