• bitcoinBitcoin (BTC) $ 95,236.00
  • ethereumEthereum (ETH) $ 3,339.47
  • tetherTether (USDT) $ 0.999594
  • bnbBNB (BNB) $ 948.18
  • xrpXRP (XRP) $ 2.06
  • solanaWrapped SOL (SOL) $ 142.40
  • usd-coinUSDC (USDC) $ 0.999610
  • tronTRON (TRX) $ 0.316809
  • staked-etherLido Staked Ether (STETH) $ 3,337.22
  • dogecoinDogecoin (DOGE) $ 0.137381
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.00
  • cardanoCardano (ADA) $ 0.393498
  • wrapped-stethWrapped stETH (WSTETH) $ 4,086.01
  • whitebitWhiteBIT Coin (WBT) $ 57.28
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,631.21
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 94,945.00
  • bitcoin-cashBitcoin Cash (BCH) $ 592.26
  • moneroMonero (XMR) $ 599.50
  • wrapped-eethWrapped eETH (WEETH) $ 3,625.54
  • chainlinkChainlink (LINK) $ 13.79
  • usdsUSDS (USDS) $ 0.999610
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999549
  • leo-tokenLEO Token (LEO) $ 9.08
  • wethWETH (WETH) $ 3,338.85
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 95,159.00
  • stellarStellar (XLM) $ 0.225879
  • suiSui (SUI) $ 1.78
  • zcashZcash (ZEC) $ 395.10
  • ethena-usdeEthena USDe (USDE) $ 1.00
  • hyperliquidHyperliquid (HYPE) $ 25.91
  • avalanche-2Avalanche (AVAX) $ 13.57
  • litecoinLitecoin (LTC) $ 74.92
  • hedera-hashgraphHedera (HBAR) $ 0.117255
  • shiba-inuShiba Inu (SHIB) $ 0.000008
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.171607
  • usdt0USDT0 (USDT0) $ 1.00
  • daiDai (DAI) $ 0.999506
  • susdssUSDS (SUSDS) $ 1.08
  • the-open-networkToncoin (TON) $ 1.72
  • canton-networkCanton (CC) $ 0.111491
  • crypto-com-chainCronos (CRO) $ 0.102285
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • paypal-usdPayPal USD (PYUSD) $ 0.999748
  • polkadotPolkadot (DOT) $ 2.15
  • usd1-wlfiUSD1 (USD1) $ 0.998575
  • uniswapUniswap (UNI) $ 5.30
  • rainRain (RAIN) $ 0.009319
  • mantleMantle (MNT) $ 0.949262
  • memecoreMemeCore (M) $ 1.57
  • bitget-tokenBitget Token (BGB) $ 3.79
  • aaveAave (AAVE) $ 173.43
  • bittensorBittensor (TAO) $ 273.74
  • pepePepe (PEPE) $ 0.000006
  • tether-goldTether Gold (XAUT) $ 4,605.19
  • okbOKB (OKB) $ 114.10
  • internet-computerInternet Computer (ICP) $ 4.03
  • nearNEAR Protocol (NEAR) $ 1.71
  • falcon-financeFalcon USD (USDF) $ 0.998082
  • jito-staked-solJito Staked SOL (JITOSOL) $ 178.95
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,340.00
  • ethereum-classicEthereum Classic (ETC) $ 12.72
  • pax-goldPAX Gold (PAXG) $ 4,621.65
  • aster-2Aster (ASTER) $ 0.716435
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • ethenaEthena (ENA) $ 0.216452
  • pi-networkPi Network (PI) $ 0.203669
  • htx-daoHTX DAO (HTX) $ 0.000002
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.89
  • pump-funPump.fun (PUMP) $ 0.002737
  • global-dollarGlobal Dollar (USDG) $ 0.999634
  • binance-staked-solBinance Staked SOL (BNSOL) $ 155.78
  • kucoin-sharesKuCoin (KCS) $ 11.52
  • hash-2Provenance Blockchain (HASH) $ 0.028476
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.143322
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • skySky (SKY) $ 0.064313
  • worldcoin-wldWorldcoin (WLD) $ 0.543204
  • ripple-usdRipple USD (RLUSD) $ 0.999680
  • wbnbWrapped BNB (WBNB) $ 947.94
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,854.71
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • aptosAptos (APT) $ 1.80
  • bfusdBFUSD (BFUSD) $ 0.999018
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999659
  • arbitrumArbitrum (ARB) $ 0.215513
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,542.64
  • cosmosCosmos Hub (ATOM) $ 2.51
  • gatechain-tokenGate (GT) $ 10.34
  • ondo-financeOndo (ONDO) $ 0.374272
  • quant-networkQuant (QNT) $ 80.78
  • kaspaKaspa (KAS) $ 0.044046
  • algorandAlgorand (ALGO) $ 0.128191
  • filecoinFilecoin (FIL) $ 1.53
  • usddUSDD (USDD) $ 0.999474
  • render-tokenRender (RENDER) $ 2.17
  • dashDash (DASH) $ 85.49
  • official-trumpOfficial Trump (TRUMP) $ 5.20
  • ignition-fbtcFunction FBTC (FBTC) $ 94,617.00
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 95,322.00
  • midnight-3Midnight (NIGHT) $ 0.061429
  • myx-financeMYX Finance (MYX) $ 5.27
  • vechainVeChain (VET) $ 0.011607
  • nexoNEXO (NEXO) $ 0.985058
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 94,860.00
  • story-2Story (IP) $ 2.68
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,598.50
  • bonkBonk (BONK) $ 0.000010
  • flare-networksFlare (FLR) $ 0.010903
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,619.34
  • usdtbUSDtb (USDTB) $ 0.999464
  • xdce-crowd-saleXDC Network (XDC) $ 0.042993
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999610
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.96
  • sei-networkSei (SEI) $ 0.119427
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • ousgOUSG (OUSG) $ 114.00
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 95,240.00
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,565.96
  • clbtcclBTC (CLBTC) $ 94,918.00
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.011664
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • morphoMorpho (MORPHO) $ 1.33
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.08
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 165.80
  • jupiter-exchange-solanaJupiter (JUP) $ 0.220024
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,544.94
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,339.13
  • usdaiUSDai (USDAI) $ 1.00
  • optimismOptimism (OP) $ 0.339190
  • beldexBeldex (BDX) $ 0.086001
  • tezosTezos (XTZ) $ 0.601058
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999595
  • blockstackStacks (STX) $ 0.357489
  • wrapped-flareWrapped Flare (WFLR) $ 0.010905
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.273302
  • curve-dao-tokenCurve DAO (CRV) $ 0.420438
  • chilizChiliz (CHZ) $ 0.059882
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.924438
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.21
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 26.22
  • usual-usdUsual USD (USD0) $ 0.999538
  • c8ntinuumc8ntinuum (CTM) $ 0.132633
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,342.14
  • tbtctBTC (TBTC) $ 95,389.00
  • gtethGTETH (GTETH) $ 3,334.60
  • injective-protocolInjective (INJ) $ 5.20
  • spx6900SPX6900 (SPX) $ 0.553767
  • ether-fiEther.fi (ETHFI) $ 0.734477
  • lido-daoLido DAO (LDO) $ 0.603241
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.999110
  • riverRiver (RIVER) $ 25.48
  • a7a5A7A5 (A7A5) $ 0.012777
  • aerodrome-financeAerodrome Finance (AERO) $ 0.545758
  • ghoGHO (GHO) $ 0.999420
  • true-usdTrueUSD (TUSD) $ 0.999524
  • msolMarinade Staked SOL (MSOL) $ 192.64
  • celestiaCelestia (TIA) $ 0.563736
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,576.99
  • lighterLighter (LIT) $ 1.95
  • fasttokenFasttoken (FTN) $ 1.09
  • flokiFLOKI (FLOKI) $ 0.000049
  • stader-ethxStader ETHx (ETHX) $ 3,598.33
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.09
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,736.91
  • doublezeroDoubleZero (2Z) $ 0.130741
  • the-graphThe Graph (GRT) $ 0.042195
  • starknetStarknet (STRK) $ 0.085336
  • wrapped-apecoinWrapped ApeCoin (WAPE) $ 0.221415
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • sbtc-2sBTC (SBTC) $ 95,117.00
  • staked-aaveStaked Aave (STKAAVE) $ 172.97
  • newton-projectAB (AB) $ 0.004363
  • decredDecred (DCR) $ 24.26
  • bittorrentBitTorrent (BTT) $ 0.00000042
  • syrupMaple Finance (SYRUP) $ 0.359824
  • cap-usdCap USD (CUSD) $ 1.01
  • usdbUSDB (USDB) $ 1.00
  • sun-tokenSun Token (SUN) $ 0.021077
  • jasmycoinJasmyCoin (JASMY) $ 0.008179
  • conflux-tokenConflux (CFX) $ 0.078386
  • trust-wallet-tokenTrust Wallet (TWT) $ 0.946059
  • iotaIOTA (IOTA) $ 0.093277
  • ethereum-name-serviceEthereum Name Service (ENS) $ 10.31
  • gnosisGnosis (GNO) $ 147.97
  • bitcoin-svBitcoin SV (BSV) $ 19.55
  • the-sandboxThe Sandbox (SAND) $ 0.146244
  • dogwifcoindogwifhat (WIF) $ 0.376298
  • pyth-networkPyth Network (PYTH) $ 0.065405
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,328.48
  • resolv-usrResolv USR (USR) $ 0.999916
  • crvusdcrvUSD (CRVUSD) $ 0.998723
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 95,089.00
  • wrapped-stx-velarWrapped STX (Velar) (WSTX) $ 0.361507
  • pendlePendle (PENDLE) $ 2.12
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • euro-coinEURC (EURC) $ 1.16
  • galaGALA (GALA) $ 0.007582
  • justJUST (JST) $ 0.040292
Bitcoin

SaaS animation platform LottieFiles alerts users to crypto threats

By admin
0 116

SaaS animation platform LottieFiles alerts users to crypto threats

LottieFiles revealed a supply chain compromise in which malicious code could lure users into connecting crypto wallets, potentially leading to asset theft.

LottieFiles, a platform that enables designers and developers to create animations, has issued a warning regarding a security breach involving its npm package, which may expose users to malicious code designed to compromise crypto wallets.

Incident Response for Recently Infected Lottie-Player versions 2.05, 2.06, 2.0.7

Comm Date/Time: Oct 31st, 2024 04:00 AM UTC

Incident: On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player…

— LottieFiles (@LottieFiles) October 31, 2024

In an X post on Oct. 31, LottieFiles said that the affected versions — Lottie Web Player 2.0.5, 2.0.6, and 2.0.7 — were released on Oct. 30, prompting immediate concerns after multiple user reports surfaced about strange code injections. In response to the threat, LottieFiles released a new version, 2.0.8, reverting to the secure code.

“A large number of users using the library via third-party CDNs without a pinned version were automatically served the compromised version as the latest release.”

LottieFiles

You might also like: Web3 anti-scam sleuth uncovers phishing attack that drained $4.2m using a malicious opcode

For those unable to update, LottieFiles recommends informing end users about potential fraudulent wallet connection prompts associated with the Lottie-player. Users may also opt to remain on version 2.0.4 to avoid risk.

LottieFiles warned that applications using the compromised npm package may inadvertently prompt users to connect their crypto wallets, opening avenues for potential theft. The developer account linked to the malicious uploads has been stripped of access, and related tokens have been revoked to halt any further unauthorized activity, the firm added, though the full extent of the attack remains unknown.

Read more: GitHub repository exposed Binance’s internal passwords and code

Source

admin 17164 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.