Lottie Player hit with a supply chain attack, stealing 10 wrapped BTC from Avalanche wallet
The post Lottie Player hit with a supply chain attack, stealing 10 wrapped BTC from Avalanche wallet appeared on BitcoinEthereumNews.com.
Lottie Player was hit with a supply chain attack, affecting one wallet with 10 Bitcoin (BTC). The WordPress tool has been abused to send malicious links to Web3 users, effectively draining wallets.

Lottie Player, the WordPress animation library, has been used as a vector of attack for Web3 users. Through malicious links, at least one wallet has been drained of 10 Bitcoin (BTC).

The Lottie Player attack has affected widely used projects like 1inch and Mover. The 1inch attack may be especially harmful, as the DEX trading service is among the most widely used ones on Ethereum. Blockaid has also reported it has been spreading malicious wallet connections through its website.

Bubble was another front-facing website affected by the malicious popups, and became one of the first to be reported. Bubble is also the source for building third-party apps, which could have been affected in the hours when the old versions were active.

Researchers from Blockaid have identified Ace Drainer as the most probable source of the attack. The malicious version of Lottie Player has been removed, but not before spreading fake links for signing with widely used Web3 wallets. The attack has been active for at least 12 hours, increasing the balances in several identified attack wallets.

Lottie Player launched a popup asking to connect a crypto wallet. | Source: GitHub

The attack was first noted when a wallet got drained of 10 BTC, leading to the source of fake links. The risk was in quickly signing all requests, including permanent access to wallets. This allowed the attackers to even drain Avalanche C-Chain addresses, stealing a form of wrapped BTC. The attack itself did not ask for a self-custodial Bitcoin wallet, but relied on the need for Web3 connectivity.

⚠️ 3 hours ago, a victim lost 10 BTC ($723,436)…
Filed under: News - @ October 31, 2024 10:26 am