• bitcoinBitcoin (BTC) $ 78,368.00
  • ethereumEthereum (ETH) $ 2,323.36
  • tetherTether (USDT) $ 0.999092
  • bnbBNB (BNB) $ 775.09
  • xrpXRP (XRP) $ 1.61
  • usd-coinUSDC (USDC) $ 0.999709
  • jusdJUSD (JUSD) $ 0.999053
  • tronTRON (TRX) $ 0.282987
  • staked-etherLido Staked Ether (STETH) $ 2,321.51
  • dogecoinDogecoin (DOGE) $ 0.107003
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • cardanoCardano (ADA) $ 0.298946
  • whitebitWhiteBIT Coin (WBT) $ 51.40
  • bitcoin-cashBitcoin Cash (BCH) $ 526.57
  • wrapped-stethWrapped stETH (WSTETH) $ 2,848.95
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 78,103.00
  • usdsUSDS (USDS) $ 0.999101
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998959
  • hyperliquidHyperliquid (HYPE) $ 37.25
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,529.76
  • leo-tokenLEO Token (LEO) $ 8.62
  • wrapped-eethWrapped eETH (WEETH) $ 2,525.52
  • canton-networkCanton (CC) $ 0.192345
  • chainlinkChainlink (LINK) $ 9.73
  • moneroMonero (XMR) $ 372.54
  • ethena-usdeEthena USDe (USDE) $ 0.999835
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 78,420.00
  • stellarStellar (XLM) $ 0.177063
  • wethWETH (WETH) $ 2,324.74
  • usd1-wlfiUSD1 (USD1) $ 0.999785
  • zcashZcash (ZEC) $ 289.75
  • litecoinLitecoin (LTC) $ 59.89
  • usdt0USDT0 (USDT0) $ 0.999310
  • suiSui (SUI) $ 1.14
  • avalanche-2Avalanche (AVAX) $ 10.11
  • daiDai (DAI) $ 0.999680
  • susdssUSDS (SUSDS) $ 1.09
  • shiba-inuShiba Inu (SHIB) $ 0.000007
  • hedera-hashgraphHedera (HBAR) $ 0.091815
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • paypal-usdPayPal USD (PYUSD) $ 0.999640
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.129828
  • tether-goldTether Gold (XAUT) $ 4,824.85
  • the-open-networkToncoin (TON) $ 1.37
  • crypto-com-chainCronos (CRO) $ 0.083596
  • rainRain (RAIN) $ 0.009303
  • memecoreMemeCore (M) $ 1.49
  • polkadotPolkadot (DOT) $ 1.53
  • uniswapUniswap (UNI) $ 3.92
  • mantleMantle (MNT) $ 0.734419
  • bitget-tokenBitget Token (BGB) $ 3.09
  • pax-goldPAX Gold (PAXG) $ 4,849.05
  • falcon-financeFalcon USD (USDF) $ 0.993939
  • aaveAave (AAVE) $ 127.65
  • bittensorBittensor (TAO) $ 198.12
  • okbOKB (OKB) $ 88.22
  • pepePepe (PEPE) $ 0.000004
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • htx-daoHTX DAO (HTX) $ 0.000002
  • global-dollarGlobal Dollar (USDG) $ 0.999609
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.11
  • nearNEAR Protocol (NEAR) $ 1.19
  • ethereum-classicEthereum Classic (ETC) $ 9.75
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • internet-computerInternet Computer (ICP) $ 2.69
  • jito-staked-solJito Staked SOL (JITOSOL) $ 131.05
  • pump-funPump.fun (PUMP) $ 0.002480
  • ripple-usdRipple USD (RLUSD) $ 0.999772
  • aster-2Aster (ASTER) $ 0.589025
  • skySky (SKY) $ 0.062263
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,470.20
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,324.81
  • pi-networkPi Network (PI) $ 0.158590
  • solanaWrapped SOL (SOL) $ 103.96
  • ondo-financeOndo (ONDO) $ 0.282154
  • bfusdBFUSD (BFUSD) $ 0.999008
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999714
  • kucoin-sharesKuCoin (KCS) $ 9.42
  • wbnbWrapped BNB (WBNB) $ 775.37
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.110818
  • hash-2Provenance Blockchain (HASH) $ 0.021400
  • myx-financeMYX Finance (MYX) $ 6.02
  • worldcoin-wldWorldcoin (WLD) $ 0.408245
  • gatechain-tokenGate (GT) $ 8.29
  • ethenaEthena (ENA) $ 0.139444
  • binance-staked-solBinance Staked SOL (BNSOL) $ 113.59
  • usddUSDD (USDD) $ 0.999165
  • quant-networkQuant (QNT) $ 68.17
  • official-trumpOfficial Trump (TRUMP) $ 4.24
  • aptosAptos (APT) $ 1.27
  • cosmosCosmos Hub (ATOM) $ 1.98
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,689.31
  • algorandAlgorand (ALGO) $ 0.104882
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 78,606.00
  • usdtbUSDtb (USDTB) $ 0.999486
  • kaspaKaspa (KAS) $ 0.032975
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999709
  • ignition-fbtcFunction FBTC (FBTC) $ 78,882.00
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 37.74
  • flare-networksFlare (FLR) $ 0.009935
  • render-tokenRender (RENDER) $ 1.58
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.98
  • filecoinFilecoin (FIL) $ 1.09
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • midnight-3Midnight (NIGHT) $ 0.048478
  • nexoNEXO (NEXO) $ 0.804339
  • arbitrumArbitrum (ARB) $ 0.136606
  • wrappedm-by-m0WrappedM by M0 (WM) $ 0.999527
  • vechainVeChain (VET) $ 0.008540
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • xdce-crowd-saleXDC Network (XDC) $ 0.036984
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.12
  • morphoMorpho (MORPHO) $ 1.27
  • ousgOUSG (OUSG) $ 114.17
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,522.65
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.24
  • jupiter-exchange-solanaJupiter (JUP) $ 0.194872
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999857
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 78,214.00
  • bonkBonk (BONK) $ 0.000007
  • cocaCOCA (COCA) $ 1.30
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,447.46
  • usdaiUSDai (USDAI) $ 0.999257
  • beldexBeldex (BDX) $ 0.080525
  • clbtcclBTC (CLBTC) $ 79,041.00
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 78,183.00
  • sei-networkSei (SEI) $ 0.092199
  • wrapped-flareWrapped Flare (WFLR) $ 0.009934
  • usual-usdUsual USD (USD0) $ 0.996326
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.09
  • dashDash (DASH) $ 44.08
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,324.83
  • stable-2​​Stable (STABLE) $ 0.030105
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,468.85
  • blockstackStacks (STX) $ 0.298876
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.58
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,486.85
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.61
  • tezosTezos (XTZ) $ 0.483639
  • ghoGHO (GHO) $ 0.999336
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 121.22
  • a7a5A7A5 (A7A5) $ 0.012924
  • story-2Story (IP) $ 1.41
  • true-usdTrueUSD (TUSD) $ 0.999069
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.007722
  • tbtctBTC (TBTC) $ 78,457.00
  • fasttokenFasttoken (FTN) $ 1.09
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,324.32
  • chilizChiliz (CHZ) $ 0.044730
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998110
  • optimismOptimism (OP) $ 0.228950
  • c8ntinuumc8ntinuum (CTM) $ 0.101542
  • euro-coinEURC (EURC) $ 1.18
  • curve-dao-tokenCurve DAO (CRV) $ 0.287757
  • lighterLighter (LIT) $ 1.69
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.184191
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.630592
  • usdbUSDB (USDB) $ 0.994288
  • resolv-usrResolv USR (USR) $ 0.998497
  • gtethGTETH (GTETH) $ 2,325.00
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • lorenzo-wrapped-bitcoinLorenzo Wrapped Bitcoin (ENZOBTC) $ 78,519.00
  • doublezeroDoubleZero (2Z) $ 0.111532
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • justJUST (JST) $ 0.042364
  • layerzeroLayerZero (ZRO) $ 1.83
  • kinesis-goldKinesis Gold (KAU) $ 154.44
  • injective-protocolInjective (INJ) $ 3.67
  • aerodrome-financeAerodrome Finance (AERO) $ 0.399572
  • sun-tokenSun Token (SUN) $ 0.018756
  • sbtc-2sBTC (SBTC) $ 78,730.00
  • kaiaKaia (KAIA) $ 0.060865
  • lido-daoLido DAO (LDO) $ 0.415621
  • msolMarinade Staked SOL (MSOL) $ 140.96
  • syrupMaple Finance (SYRUP) $ 0.303865
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,501.92
  • apenftAINFT (NFT) $ 0.00000035
  • ether-fiEther.fi (ETHFI) $ 0.500562
  • bittorrentBitTorrent (BTT) $ 0.00000035
  • flokiFLOKI (FLOKI) $ 0.000036
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 2,605.22
  • decredDecred (DCR) $ 19.19
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • celestiaCelestia (TIA) $ 0.374694
  • the-graphThe Graph (GRT) $ 0.030138
  • staked-aaveStaked Aave (STKAAVE) $ 126.84
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 2,318.58
  • iotaIOTA (IOTA) $ 0.074302
  • stader-ethxStader ETHx (ETHX) $ 2,507.00
  • bitcoin-svBitcoin SV (BSV) $ 15.53
  • kinesis-silverKinesis Silver (KAG) $ 83.25
  • crvusdcrvUSD (CRVUSD) $ 1.00
  • gnosisGnosis (GNO) $ 116.67
  • riverRiver (RIVER) $ 15.53
  • usxUSX (USX) $ 0.999722
  • starknetStarknet (STRK) $ 0.056705
  • jasmycoinJasmyCoin (JASMY) $ 0.006045
  • pyth-networkPyth Network (PYTH) $ 0.051706
  • telcoinTelcoin (TEL) $ 0.003110
Bitcoin

Animation Tool Lottie Player Hit by Supply Chain Attack, Causes $723K Bitcoin Theft

By admin
0 101

Animation Tool Lottie Player Hit by Supply Chain Attack, Causes $723K Bitcoin Theft

A major security breach has impacted multiple decentralized applications (dApps), with the attack stemming from malicious code injected into Lottie Player, a widely-used JavaScript animation library.

The attack exploited recent updates to Lottie Player’s npm package, specifically in versions 2.0.5 through 2.0.7, where hackers embedded malicious code within JSON files that display animations on websites.

At least one individual has lost 10 BTC (US$723,000) after unknowingly signing a phishing transaction linked to the breach, according to Scam Sniffer, a platform designed to protect users from online fraud.

Blockaid, a cybersecurity platform monitoring the incident, confirmed Wednesday the attackers deployed a fake wallet connection prompt, leading users to the drainer malware “Ace Drainer,” which mimics legitimate connections to deceive users.

According to Blockaid, the hackers added harmful code into Lottie Player’s files, turning these animations into entry points for potential scams. Essentially, when users visited sites with this compromised library, they were shown fake pop-ups asking them to connect their digital wallets.

However, these prompts were controlled by hackers and could grant them unauthorized access to users’ funds.

In response to the attack, LottieFiles’ vice president of engineering, Jawish Hameed, confirmed Wednesday that affected versions were removed from npm, and a safe version (2.0.8) was released.

LottieFiles pointed Decrypt to its public statement regarding the breakdown of events when asked for comment.

Hameed noted the breach involved the GitHub account of a senior engineer, through which attackers pushed three compromised updates in just three hours on Tuesday.

LottieFiles has since revoked all access from the affected developer account and taken further steps to prevent future incidents.

This type of “supply chain attack”—where hackers infiltrate widely-used software that many websites rely on—can have widespread consequences. In this case, the compromised Lottie Player versions were automatically pulled into many sites, making it easier for hackers to reach users.

Decentralized aggregator platform 1inch, one of the main targets of the attack, reassured users on social media that only its web dApp was affected and that the wallet app and core protocols remain secure.

Security compromises in widely used libraries and tools have become a critical issue as hackers exploit vulnerabilities that allow them access to unsuspecting users’ assets.

Earlier this month, a PEPE token holder lost $1.39 million after unknowingly signing a malicious Permit2 transaction.

Edited by Sebastian Sinclair

Source

admin 17685 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.