October 31, 2024 at 08:05AM
LottieFiles faced a security breach after a developer account was compromised, leading to malicious versions of its LottiePlayer npm package being published; sites that loaded them showed visitors a prompt designed to drain their crypto wallets. The company released a safe version (2.0.8) and said its other services were unaffected. Outside security experts were brought in to help resolve the incident.
**Meeting Takeaways: LottieFiles Security Incident**
1. **Incident Summary**: LottieFiles suffered a supply-chain breach in which a compromised developer account was used to publish malicious versions of the LottiePlayer npm package that targeted users’ crypto wallets.
2. **Attack Details**:
– Attackers gained access to the account using a stolen session token, bypassing the normal login.
– Malicious versions of LottiePlayer (2.0.5, 2.0.6, 2.0.7) were published to npm in quick succession.
– Sites that loaded the latest version of LottiePlayer (for example through an unpinned CDN link or a floating version range) served visitors a popup prompting them to connect their crypto wallets; anyone who did risked having assets drained.
3. **Response and Resolution**:
– LottieFiles was notified of the unauthorized changes on October 30th at approximately 6:20 PM UTC.
– A safe version of LottiePlayer (2.0.8) has been released, and the compromised developer account’s access was revoked.
– Users are advised to upgrade to version 2.0.8 and to pin that version explicitly rather than tracking the latest tag; if unable to upgrade, they should instruct their customers not to connect wallets when prompted.
4. **Impact Assessment**:
– No impact was reported on LottieFiles’ other libraries, SaaS services, or GitHub repositories.
– The co-founder and CTO, Nattu Adnan, did not specify how many users were affected, but highlighted LottiePlayer’s popularity with 94,000 weekly downloads and over 4 million total downloads.
5. **User Warning**:
– Users, particularly website admins, are urged to communicate the risks clearly to customers.
6. **Broader Context**:
– The incident is a software supply-chain attack whose payload was a crypto wallet drainer; it reflects ongoing security challenges in the crypto space, where wallet-draining attacks have been increasing.
7. **Historical Precedent**:
– LottieFiles’ incident follows a run of large thefts in the crypto sector over the past year, including the Poloniex incident in which $120 million was stolen.
These key points outline the serious nature of the incident, the response taken by LottieFiles, and the implications for users and the broader digital security landscape.
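The attack details (item 2) and the remediation advice (item 3) come down to one check: is your project installing, or able to float to, one of the three bad releases? The following audit helper is an added example written for this summary, not tooling from LottieFiles; it assumes the npm package name @lottiefiles/lottie-player and the standard unpkg/jsDelivr URL layout, and its sample lockfile, manifest and HTML are constructed inputs, not real project files. It reports exact pins to 2.0.5–2.0.7 from a lockfile, version ranges or a `latest` tag in package.json that could have resolved to them, and CDN script tags that are unpinned or pinned to a bad build.

```javascript
// Added example (not LottieFiles' own tooling): audit project files for the
// compromised @lottiefiles/lottie-player releases (2.0.5, 2.0.6, 2.0.7) and for
// unpinned references that would have resolved to them while they carried the
// latest tag on npm. Inputs are JSON/HTML strings so it runs offline.

const PKG = '@lottiefiles/lottie-player';          // assumed npm package name
const COMPROMISED = new Set(['2.0.5', '2.0.6', '2.0.7']);
const SAFE = '2.0.8';

// Classify a version spec as written in package.json or a CDN URL.
function classifySpec(spec) {
  if (spec === undefined || spec === '' || spec === 'latest' || spec === '*') {
    return 'unpinned';                               // floats to whatever is tagged latest
  }
  if (COMPROMISED.has(spec)) return 'compromised';
  if (/^[\^~><=]/.test(spec) || /\.x$/.test(spec)) return 'range'; // may have resolved to a bad build
  return 'pinned';
}

// package-lock.json: v2/v3 use a flat "packages" map; v1 uses a nested
// "dependencies" tree. Only the lockfile tells you what was actually installed.
function auditLockfile(lockText) {
  const lock = JSON.parse(lockText);
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path.endsWith('node_modules/' + PKG) && COMPROMISED.has(entry.version)) {
      findings.push({ source: 'lockfile', where: path, version: entry.version, status: 'compromised' });
    }
  }
  const walk = (deps, prefix) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      if (name === PKG && COMPROMISED.has(entry.version)) {
        findings.push({ source: 'lockfile', where: prefix + name, version: entry.version, status: 'compromised' });
      }
      walk(entry.dependencies, prefix + name + '/');   // transitive copies count too
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');     // v1 only, to avoid double reporting
  return findings;
}

// package.json: flag exact bad pins and any spec that could float to one on the next install.
function auditManifest(pkgText) {
  const pkg = JSON.parse(pkgText);
  const findings = [];
  for (const field of ['dependencies', 'devDependencies', 'peerDependencies']) {
    const spec = (pkg[field] || {})[PKG];
    if (spec === undefined) continue;
    const status = classifySpec(spec);
    if (status !== 'pinned') findings.push({ source: 'manifest', where: field, version: spec, status });
  }
  return findings;
}

// HTML/JS: <script src> tags pulling the player from unpkg or jsDelivr (assumed URL layout).
const CDN_RE = /https?:\/\/(?:unpkg\.com|cdn\.jsdelivr\.net\/npm)\/@lottiefiles\/lottie-player(?:@([^/"'\s]+))?/g;

function auditHtml(html) {
  const findings = [];
  for (const m of html.matchAll(CDN_RE)) {
    const status = classifySpec(m[1]);
    if (status !== 'pinned') findings.push({ source: 'html', where: m[0], version: m[1] || 'latest', status });
  }
  return findings;
}

function auditAll({ lockfile, manifest, html }) {
  return [
    ...(lockfile ? auditLockfile(lockfile) : []),
    ...(manifest ? auditManifest(manifest) : []),
    ...(html ? auditHtml(html) : []),
  ];
}

function report(findings) {
  return findings.map(f => `${f.status.padEnd(11)} ${f.source}: ${f.where} (${f.version}) -> pin ${SAFE}`);
}

// Constructed sample inputs (not real project files) for a stand-alone run.
const SAMPLE_LOCK = JSON.stringify({
  lockfileVersion: 3,
  packages: {
    '': { dependencies: { [PKG]: '^2.0.5' } },
    ['node_modules/' + PKG]: { version: '2.0.7' },
  },
});
const SAMPLE_MANIFEST = JSON.stringify({ dependencies: { [PKG]: '^2.0.5' } });
const SAMPLE_HTML = `
<script src="https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@lottiefiles/lottie-player@2.0.8/dist/lottie-player.js"></script>
`;

console.log(report(auditAll({ lockfile: SAMPLE_LOCK, manifest: SAMPLE_MANIFEST, html: SAMPLE_HTML })).join('\n'));
```

Read the three sources together: the lockfile shows what is installed now, the manifest shows what a fresh `npm install` could pull, and the CDN tags show what browsers fetch with no install step at all, which is the path that exposed visitors during the incident. The 2.0.8 jsDelivr tag in the sample is reported as clean because it is pinned to the safe release.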