• bitcoinBitcoin (BTC) $ 92,998.00
  • ethereumEthereum (ETH) $ 3,053.85
  • tetherTether (USDT) $ 1.00
  • xrpXRP (XRP) $ 2.18
  • bnbBNB (BNB) $ 891.75
  • solanaWrapped SOL (SOL) $ 141.32
  • usd-coinUSDC (USDC) $ 0.999803
  • tronTRON (TRX) $ 0.280212
  • staked-etherLido Staked Ether (STETH) $ 3,051.50
  • dogecoinDogecoin (DOGE) $ 0.148165
  • cardanoCardano (ADA) $ 0.437334
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.00
  • whitebitWhiteBIT Coin (WBT) $ 62.18
  • wrapped-stethWrapped stETH (WSTETH) $ 3,725.72
  • bitcoin-cashBitcoin Cash (BCH) $ 583.75
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 92,805.00
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,306.79
  • chainlinkChainlink (LINK) $ 14.05
  • usdsUSDS (USDS) $ 0.999993
  • hyperliquidHyperliquid (HYPE) $ 34.46
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999936
  • leo-tokenLEO Token (LEO) $ 9.33
  • wethWETH (WETH) $ 3,052.20
  • stellarStellar (XLM) $ 0.255583
  • wrapped-eethWrapped eETH (WEETH) $ 3,303.52
  • moneroMonero (XMR) $ 410.50
  • ethena-usdeEthena USDe (USDE) $ 0.999585
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 92,955.00
  • litecoinLitecoin (LTC) $ 84.33
  • suiSui (SUI) $ 1.69
  • hedera-hashgraphHedera (HBAR) $ 0.146989
  • avalanche-2Avalanche (AVAX) $ 13.87
  • zcashZcash (ZEC) $ 319.87
  • shiba-inuShiba Inu (SHIB) $ 0.000009
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.161177
  • daiDai (DAI) $ 0.999266
  • susdssUSDS (SUSDS) $ 1.08
  • crypto-com-chainCronos (CRO) $ 0.108807
  • the-open-networkToncoin (TON) $ 1.59
  • paypal-usdPayPal USD (PYUSD) $ 0.999654
  • uniswapUniswap (UNI) $ 6.02
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • polkadotPolkadot (DOT) $ 2.30
  • usdt0USDT0 (USDT0) $ 1.00
  • mantleMantle (MNT) $ 1.05
  • aaveAave (AAVE) $ 191.44
  • canton-networkCanton (CC) $ 0.076262
  • usd1-wlfiUSD1 (USD1) $ 0.999215
  • bittensorBittensor (TAO) $ 282.05
  • bitget-tokenBitget Token (BGB) $ 3.63
  • nearNEAR Protocol (NEAR) $ 1.81
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • memecoreMemeCore (M) $ 1.34
  • okbOKB (OKB) $ 105.82
  • tether-goldTether Gold (XAUT) $ 4,219.95
  • falcon-financeFalcon USD (USDF) $ 0.997915
  • aster-2Aster (ASTER) $ 1.07
  • ethereum-classicEthereum Classic (ETC) $ 13.72
  • ethenaEthena (ENA) $ 0.275077
  • internet-computerInternet Computer (ICP) $ 3.74
  • jito-staked-solJito Staked SOL (JITOSOL) $ 175.97
  • pump-funPump.fun (PUMP) $ 0.003343
  • pi-networkPi Network (PI) $ 0.235691
  • pepePepe (PEPE) $ 0.000005
  • rainRain (RAIN) $ 0.008123
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,052.51
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.78
  • ondo-financeOndo (ONDO) $ 0.508830
  • htx-daoHTX DAO (HTX) $ 0.000002
  • worldcoin-wldWorldcoin (WLD) $ 0.633050
  • kaspaKaspa (KAS) $ 0.055852
  • aptosAptos (APT) $ 2.00
  • pax-goldPAX Gold (PAXG) $ 4,227.74
  • quant-networkQuant (QNT) $ 97.14
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.14
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.128865
  • usdtbUSDtb (USDTB) $ 0.999796
  • kucoin-sharesKuCoin (KCS) $ 10.18
  • bfusdBFUSD (BFUSD) $ 0.999350
  • skySky (SKY) $ 0.056525
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,504.33
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999646
  • ripple-usdRipple USD (RLUSD) $ 0.999819
  • global-dollarGlobal Dollar (USDG) $ 0.999790
  • hash-2Provenance Blockchain (HASH) $ 0.024206
  • algorandAlgorand (ALGO) $ 0.141502
  • wbnbWrapped BNB (WBNB) $ 891.62
  • gatechain-tokenGate (GT) $ 10.44
  • arbitrumArbitrum (ARB) $ 0.215894
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • official-trumpOfficial Trump (TRUMP) $ 6.03
  • binance-staked-solBinance Staked SOL (BNSOL) $ 153.73
  • cosmosCosmos Hub (ATOM) $ 2.39
  • vechainVeChain (VET) $ 0.013374
  • filecoinFilecoin (FIL) $ 1.56
  • flare-networksFlare (FLR) $ 0.014093
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,230.75
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • ignition-fbtcFunction FBTC (FBTC) $ 93,318.00
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 93,123.00
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 92,692.00
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,257.69
  • nexoNEXO (NEXO) $ 0.978075
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 34.77
  • xdce-crowd-saleXDC Network (XDC) $ 0.051898
  • render-tokenRender (RENDER) $ 1.75
  • sei-networkSei (SEI) $ 0.140061
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.997905
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.91
  • bonkBonk (BONK) $ 0.000010
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.40
  • jupiter-exchange-solanaJupiter (JUP) $ 0.251778
  • morphoMorpho (MORPHO) $ 1.46
  • story-2Story (IP) $ 2.33
  • ousgOUSG (OUSG) $ 113.50
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.012117
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 92,845.00
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,254.87
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,306.31
  • clbtcclBTC (CLBTC) $ 91,953.00
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 163.02
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.260346
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • spx6900SPX6900 (SPX) $ 0.719948
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999801
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.976217
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999653
  • usdaiUSDai (USDAI) $ 0.999420
  • myx-financeMYX Finance (MYX) $ 3.24
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,134.15
  • optimismOptimism (OP) $ 0.317857
  • starknetStarknet (STRK) $ 0.125349
  • beldexBeldex (BDX) $ 0.080257
  • aerodrome-financeAerodrome Finance (AERO) $ 0.665406
  • dashDash (DASH) $ 47.23
  • injective-protocolInjective (INJ) $ 5.86
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,052.74
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,052.57
  • tbtctBTC (TBTC) $ 92,711.00
  • msolMarinade Staked SOL (MSOL) $ 189.51
  • blockstackStacks (STX) $ 0.313395
  • curve-dao-tokenCurve DAO (CRV) $ 0.389849
  • lido-daoLido DAO (LDO) $ 0.625391
  • usual-usdUsual USD (USD0) $ 0.998406
  • telcoinTelcoin (TEL) $ 0.005623
  • tezosTezos (XTZ) $ 0.495915
  • the-graphThe Graph (GRT) $ 0.049667
  • celestiaCelestia (TIA) $ 0.619943
  • usddUSDD (USDD) $ 1.00
  • ether-fiEther.fi (ETHFI) $ 0.832394
  • true-usdTrueUSD (TUSD) $ 0.996527
  • cgeth-hashkey-cloudcgETH Hashkey Cloud (CGETH.HASH) $ 2,460.42
  • mantle-bridged-usdt-mantleMantle Bridged USDT (Mantle) (USDT) $ 1.00
  • kaiaKaia (KAIA) $ 0.080507
  • gtethGTETH (GTETH) $ 3,052.52
  • flokiFLOKI (FLOKI) $ 0.000048
  • newton-projectAB (AB) $ 0.005169
  • stader-ethxStader ETHx (ETHX) $ 3,281.57
  • ultimaUltima (ULTIMA) $ 4,610.13
  • ethereum-name-serviceEthereum Name Service (ENS) $ 11.81
  • iotaIOTA (IOTA) $ 0.105953
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.21
  • pendlePendle (PENDLE) $ 2.66
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.03
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,216.55
  • ghoGHO (GHO) $ 1.00
  • pyth-networkPyth Network (PYTH) $ 0.073955
  • doublezeroDoubleZero (2Z) $ 0.122648
  • bitcoin-svBitcoin SV (BSV) $ 21.27
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • usdbUSDB (USDB) $ 0.995944
  • swethSwell Ethereum (SWETH) $ 3,335.66
  • sbtc-2sBTC (SBTC) $ 92,186.00
  • bittorrentBitTorrent (BTT) $ 0.00000041
  • dogwifcoindogwifhat (WIF) $ 0.400786
  • justJUST (JST) $ 0.040409
  • lorenzo-wrapped-bitcoinLorenzo Wrapped Bitcoin (ENZOBTC) $ 90,454.00
  • the-sandboxThe Sandbox (SAND) $ 0.152397
  • sonic-3Sonic (S) $ 0.103824
  • sun-tokenSun Token (SUN) $ 0.020460
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,383.24
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,051.95
  • conflux-tokenConflux (CFX) $ 0.075065
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 93,007.00
  • heliumHelium (HNT) $ 2.05
  • olympusOlympus (OHM) $ 23.24
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.148140
  • flowFlow (FLOW) $ 0.231488
  • apenftAINFT (NFT) $ 0.00000037
  • plasmaPlasma (XPL) $ 0.186483
  • jasmycoinJasmyCoin (JASMY) $ 0.007391
  • basic-attention-tokenBasic Attention (BAT) $ 0.238745
  • fartcoinFartcoin (FARTCOIN) $ 0.352878
  • merlin-chainMerlin Chain (MERL) $ 0.334535
  • galaGALA (GALA) $ 0.007482
  • benqi-liquid-staked-avaxBENQI Liquid Staked AVAX (SAVAX) $ 17.11
  • theta-tokenTheta Network (THETA) $ 0.347263
  • wrapped-hypeWrapped HYPE (WHYPE) $ 34.53
  • ape-and-pepeApe and Pepe (APEPE) $ 0.000002
Bitcoin

SaaS animation platform LottieFiles alerts users to crypto threats

By admin
0 101

SaaS animation platform LottieFiles alerts users to crypto threats

LottieFiles revealed a supply chain compromise in which malicious code could lure users into connecting crypto wallets, potentially leading to asset theft.

LottieFiles, a platform that enables designers and developers to create animations, has issued a warning regarding a security breach involving its npm package, which may expose users to malicious code designed to compromise crypto wallets.

Incident Response for Recently Infected Lottie-Player versions 2.05, 2.06, 2.0.7

Comm Date/Time: Oct 31st, 2024 04:00 AM UTC

Incident: On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player…

— LottieFiles (@LottieFiles) October 31, 2024

In an X post on Oct. 31, LottieFiles said that the affected versions — Lottie Web Player 2.0.5, 2.0.6, and 2.0.7 — were released on Oct. 30, prompting immediate concerns after multiple user reports surfaced about strange code injections. In response to the threat, LottieFiles released a new version, 2.0.8, reverting to the secure code.

“A large number of users using the library via third-party CDNs without a pinned version were automatically served the compromised version as the latest release.”

LottieFiles

You might also like: Web3 anti-scam sleuth uncovers phishing attack that drained $4.2m using a malicious opcode

For those unable to update, LottieFiles recommends informing end users about potential fraudulent wallet connection prompts associated with the Lottie-player. Users may also opt to remain on version 2.0.4 to avoid risk.

LottieFiles warned that applications using the compromised npm package may inadvertently prompt users to connect their crypto wallets, opening avenues for potential theft. The developer account linked to the malicious uploads has been stripped of access, and related tokens have been revoked to halt any further unauthorized activity, the firm added, though the full extent of the attack remains unknown.

Read more: GitHub repository exposed Binance’s internal passwords and code

Source

admin 15647 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.