• bitcoinBitcoin (BTC) $ 72,702.00
  • ethereumEthereum (ETH) $ 2,132.90
  • tetherTether (USDT) $ 1.00
  • bnbBNB (BNB) $ 658.07
  • xrpXRP (XRP) $ 1.43
  • usd-coinUSDC (USDC) $ 0.999998
  • solanaSolana (SOL) $ 91.28
  • tronTRON (TRX) $ 0.287793
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • dogecoinDogecoin (DOGE) $ 0.099383
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.02
  • whitebitWhiteBIT Coin (WBT) $ 52.32
  • cardanoCardano (ADA) $ 0.276282
  • usdsUSDS (USDS) $ 0.999897
  • bitcoin-cashBitcoin Cash (BCH) $ 465.74
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • leo-tokenLEO Token (LEO) $ 9.05
  • hyperliquidHyperliquid (HYPE) $ 31.97
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • moneroMonero (XMR) $ 357.94
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • chainlinkChainlink (LINK) $ 9.35
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • ethena-usdeEthena USDe (USDE) $ 0.999421
  • canton-networkCanton (CC) $ 0.155061
  • stellarStellar (XLM) $ 0.159932
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • usd1-wlfiUSD1 (USD1) $ 0.999551
  • rainRain (RAIN) $ 0.009254
  • susdssUSDS (SUSDS) $ 1.08
  • hedera-hashgraphHedera (HBAR) $ 0.101183
  • litecoinLitecoin (LTC) $ 56.77
  • daiDai (DAI) $ 0.999876
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • paypal-usdPayPal USD (PYUSD) $ 0.999857
  • avalanche-2Avalanche (AVAX) $ 9.48
  • zcashZcash (ZEC) $ 243.30
  • wethWETH (WETH) $ 2,268.37
  • suiSui (SUI) $ 0.961389
  • shiba-inuShiba Inu (SHIB) $ 0.000006
  • the-open-networkToncoin (TON) $ 1.31
  • usdt0USDT0 (USDT0) $ 0.998824
  • crypto-com-chainCronos (CRO) $ 0.077590
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.106602
  • tether-goldTether Gold (XAUT) $ 5,119.22
  • polkadotPolkadot (DOT) $ 1.53
  • pax-goldPAX Gold (PAXG) $ 5,166.16
  • uniswapUniswap (UNI) $ 3.97
  • memecoreMemeCore (M) $ 1.37
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • mantleMantle (MNT) $ 0.692008
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • hashnote-usycCircle USYC (USYC) $ 1.12
  • bittensorBittensor (TAO) $ 187.38
  • skySky (SKY) $ 0.076559
  • aster-2Aster (ASTER) $ 0.719889
  • aaveAave (AAVE) $ 115.58
  • falcon-financeFalcon USD (USDF) $ 0.997610
  • pi-networkPi Network (PI) $ 0.181683
  • global-dollarGlobal Dollar (USDG) $ 0.999842
  • nearNEAR Protocol (NEAR) $ 1.31
  • okbOKB (OKB) $ 77.72
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • ripple-usdRipple USD (RLUSD) $ 1.00
  • pepePepe (PEPE) $ 0.000004
  • bitget-tokenBitget Token (BGB) $ 2.18
  • htx-daoHTX DAO (HTX) $ 0.000002
  • internet-computerInternet Computer (ICP) $ 2.53
  • ethereum-classicEthereum Classic (ETC) $ 8.83
  • bfusdBFUSD (BFUSD) $ 0.999394
  • ondo-financeOndo (ONDO) $ 0.269476
  • pump-funPump.fun (PUMP) $ 0.002067
  • worldcoin-wldWorldcoin (WLD) $ 0.420842
  • gatechain-tokenGate (GT) $ 7.33
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.103784
  • kucoin-sharesKuCoin (KCS) $ 8.06
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 11.01
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • midnight-3Midnight (NIGHT) $ 0.062121
  • morphoMorpho (MORPHO) $ 1.87
  • ethenaEthena (ENA) $ 0.117770
  • cosmosCosmos Hub (ATOM) $ 1.88
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.10
  • nexoNEXO (NEXO) $ 0.900027
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • hash-2Provenance Blockchain (HASH) $ 0.014494
  • usdtbUSDtb (USDTB) $ 0.999326
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.22
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • kaspaKaspa (KAS) $ 0.030632
  • official-trumpOfficial Trump (TRUMP) $ 3.44
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • flare-networksFlare (FLR) $ 0.009395
  • algorandAlgorand (ALGO) $ 0.088910
  • wbnbWrapped BNB (WBNB) $ 759.61
  • aptosAptos (APT) $ 1.01
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • filecoinFilecoin (FIL) $ 1.02
  • ousgOUSG (OUSG) $ 114.48
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.03
  • render-tokenRender (RENDER) $ 1.41
  • usddUSDD (USDD) $ 0.999923
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • xdce-crowd-saleXDC Network (XDC) $ 0.035554
  • jupiter-exchange-solanaJupiter (JUP) $ 0.190460
  • vechainVeChain (VET) $ 0.007453
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • arbitrumArbitrum (ARB) $ 0.104669
  • beldexBeldex (BDX) $ 0.080144
  • stable-2​​Stable (STABLE) $ 0.028577
  • yldsYLDS (YLDS) $ 1.00
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.10
  • usual-usdUsual USD (USD0) $ 0.996009
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • bonkBonk (BONK) $ 0.000006
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • ghoGHO (GHO) $ 0.999969
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • decredDecred (DCR) $ 31.46
  • a7a5A7A5 (A7A5) $ 0.012665
  • true-usdTrueUSD (TUSD) $ 1.00
  • clbtcclBTC (CLBTC) $ 76,920.00
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.750455
  • blockstackStacks (STX) $ 0.268530
  • fasttokenFasttoken (FTN) $ 1.09
  • sei-networkSei (SEI) $ 0.069780
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.41
  • euro-coinEURC (EURC) $ 1.16
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.007226
  • usdaiUSDai (USDAI) $ 0.999854
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • dashDash (DASH) $ 35.16
  • tbtctBTC (TBTC) $ 70,942.00
  • tezosTezos (XTZ) $ 0.387607
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • justJUST (JST) $ 0.046020
  • kite-2Kite (KITE) $ 0.223825
  • ether-fiEther.fi (ETHFI) $ 0.539948
  • layerzeroLayerZero (ZRO) $ 1.95
  • kinesis-goldKinesis Gold (KAU) $ 163.27
  • riverRiver (RIVER) $ 19.51
  • c8ntinuumc8ntinuum (CTM) $ 0.088223
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • chilizChiliz (CHZ) $ 0.037066
  • curve-dao-tokenCurve DAO (CRV) $ 0.255652
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • first-digital-usdFirst Digital USD (FDUSD) $ 1.00
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • usxUSX (USX) $ 0.999631
  • cocaCOCA (COCA) $ 1.30
  • gnosisGnosis (GNO) $ 136.24
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.154988
  • pippinpippin (PIPPIN) $ 0.348667
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • lighterLighter (LIT) $ 1.37
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • bittorrentBitTorrent (BTT) $ 0.00000034
  • aerodrome-financeAerodrome Finance (AERO) $ 0.363381
  • apenftAINFT (NFT) $ 0.00000034
  • spx6900SPX6900 (SPX) $ 0.357008
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • hastra-primePRIME (PRIME) $ 1.02
  • kaiaKaia (KAIA) $ 0.054899
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • injective-protocolInjective (INJ) $ 3.11
  • bitcoin-svBitcoin SV (BSV) $ 15.42
  • sun-tokenSun Token (SUN) $ 0.016027
  • adi-tokenADI (ADI) $ 3.16
  • story-2Story (IP) $ 0.856043
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • celestiaCelestia (TIA) $ 0.339263
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • iotaIOTA (IOTA) $ 0.068051
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • pyth-networkPyth Network (PYTH) $ 0.050714
  • the-graphThe Graph (GRT) $ 0.026719
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • jasmycoinJasmyCoin (JASMY) $ 0.005798
  • venice-tokenVenice Token (VVV) $ 6.45
  • syrupMaple Finance (SYRUP) $ 0.246221
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • flokiFLOKI (FLOKI) $ 0.000029
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • fraxLegacy Frax Dollar (FRAX) $ 0.992290
  • optimismOptimism (OP) $ 0.128577
  • olympusOlympus (OHM) $ 17.38
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • siren-2Siren (SIREN) $ 0.370691
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,265.06
  • lido-daoLido DAO (LDO) $ 0.318608
  • crvusdcrvUSD (CRVUSD) $ 1.00
  • telcoinTelcoin (TEL) $ 0.002764
  • conflux-tokenConflux (CFX) $ 0.050781
  • staked-aaveStaked Aave (STKAAVE) $ 126.65
  • doublezeroDoubleZero (2Z) $ 0.073873
  • plasmaPlasma (XPL) $ 0.114204
Bitcoin

SaaS animation platform LottieFiles alerts users to crypto threats

By admin
0 128

SaaS animation platform LottieFiles alerts users to crypto threats

LottieFiles revealed a supply chain compromise in which malicious code could lure users into connecting crypto wallets, potentially leading to asset theft.

LottieFiles, a platform that enables designers and developers to create animations, has issued a warning regarding a security breach involving its npm package, which may expose users to malicious code designed to compromise crypto wallets.

Incident Response for Recently Infected Lottie-Player versions 2.05, 2.06, 2.0.7

Comm Date/Time: Oct 31st, 2024 04:00 AM UTC

Incident: On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player…

— LottieFiles (@LottieFiles) October 31, 2024

In an X post on Oct. 31, LottieFiles said that the affected versions — Lottie Web Player 2.0.5, 2.0.6, and 2.0.7 — were released on Oct. 30, prompting immediate concerns after multiple user reports surfaced about strange code injections. In response to the threat, LottieFiles released a new version, 2.0.8, reverting to the secure code.

“A large number of users using the library via third-party CDNs without a pinned version were automatically served the compromised version as the latest release.”

LottieFiles

You might also like: Web3 anti-scam sleuth uncovers phishing attack that drained $4.2m using a malicious opcode

For those unable to update, LottieFiles recommends informing end users about potential fraudulent wallet connection prompts associated with the Lottie-player. Users may also opt to remain on version 2.0.4 to avoid risk.

LottieFiles warned that applications using the compromised npm package may inadvertently prompt users to connect their crypto wallets, opening avenues for potential theft. The developer account linked to the malicious uploads has been stripped of access, and related tokens have been revoked to halt any further unauthorized activity, the firm added, though the full extent of the attack remains unknown.

Read more: GitHub repository exposed Binance’s internal passwords and code

Source

admin 18707 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.