search
Homeweb3.01inch Users Cautioned Against Any Interactions as Its Website Gets Breached

Decentralized exchange aggregator 1inch's website has been breached along with multiple other platforms that use the same frontend library, Lottie Player.

1inch Users Cautioned Against Any Interactions as Its Website Gets Breached

Decentralized exchange aggregator 1inch’s website has been breached along with multiple other platforms that use the same frontend library, Lottie Player.

The breach was discovered after users reported suspicious activity on their wallets following interactions with these platforms. Upon investigation, it was found that malicious code had been injected into the Lottie Player, a widely-used animation library used by several dApps and non-crypto websites.

As of now, no user wallets have been reportedly compromised. However, 1inch users are being cautioned against any interactions with the platform until the issue is fully resolved.

According to several posts on X (formerly Twitter), 1inch and TEN Finance are the confirmed victims of this attack so far. However, the number could be much higher, as the exploit targeted Lottie Player versions 2.0.5 and above.

Hackers have reportedly injected malicious code into the front-end JSON files of websites using these versions. This code now enables the compromised sites to perform unauthorized transactions, posing a severe threat to users’ assets and data.

Reports from Blockaid indicate that the attack was introduced through a compromise of Lottie Player’s content server, where a malicious npm package was used to distribute altered code. Blockaid and other security firms have confirmed the injection of unauthorized scripts within the package.

“Legitimate sites (non crypto as well) are now serving malicious content, including anti-debug evasion code. @LottieFiles, it looks like attackers have managed to push malicious versions of your package, with another version being uploaded now,” Blockaid wrote in an X (formerly Twitter) post.

At the time of writing, 1inch hasn’t released any official statement on the breach. However, the Lottie Player team has confirmed that they were able to identify the cause of the breach and are working on removing the affected versions.

Users are strictly advised to avoid connecting wallets or interacting with affected platforms until the security issues are fully resolved.

The above is the detailed content of 1inch Users Cautioned Against Any Interactions as Its Website Gets Breached. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
The Pi Network token price has increased by more than 14% over the past week.The Pi Network token price has increased by more than 14% over the past week.Apr 16, 2025 am 11:22 AM

As of press time, Pi is trading at $0.6711 after its integration with Chainlink on April 12th. The announcement caused a surge in the price of Pi

More Reasons to Be Bullish on SUI as Price Enters Prime Buying ZoneMore Reasons to Be Bullish on SUI as Price Enters Prime Buying ZoneApr 16, 2025 am 11:20 AM

An analyst on X, Frigg, highlights multiple reasons to be optimistic about SUI Network price trajectory.

Bitcoin (BTC) Sentiment Is Turning Bullish as Over $467 Million of the Cryptocurrency Was Withdrawn From Exchanges YesterdayBitcoin (BTC) Sentiment Is Turning Bullish as Over $467 Million of the Cryptocurrency Was Withdrawn From Exchanges YesterdayApr 16, 2025 am 11:18 AM

Following today's data released by IntoTheBlock, sentiment around Bitcoin appears heightening towards bullishness.

Movement Labs and the Movement Network Foundation have launched an independent investigation into recent market-making irregularities related to the MOVE token.Movement Labs and the Movement Network Foundation have launched an independent investigation into recent market-making irregularities related to the MOVE token.Apr 16, 2025 am 11:16 AM

nt Labs and the Movement Network Foundation Launch Independent Investigation into MOVE Token Market-Making Irregularities

A wave of capital is flowing out of Ethereum [ETH] and into Tron [TRX]A wave of capital is flowing out of Ethereum [ETH] and into Tron [TRX]Apr 16, 2025 am 11:14 AM

With $1.52 billion in stablecoins migrating to Tron, investors appear to be favoring lower-cost chains and diversifying beyond traditional USD-backed assets.

Mantra CEO John Patrick Mullin Burns His Allocation of OM Tokens to Restore Investor ConfidenceMantra CEO John Patrick Mullin Burns His Allocation of OM Tokens to Restore Investor ConfidenceApr 16, 2025 am 11:12 AM

Mantra CEO John Patrick Mullin has proposed burning his allocation of OM tokens in a move aimed at restoring investor confidence after the protocol's native token suffered a sharp collapse.

Recent market movements and technical analysis suggest that BONK may be on the brink of a significant price surge, outpacing Solana's broader ecosystem.Recent market movements and technical analysis suggest that BONK may be on the brink of a significant price surge, outpacing Solana's broader ecosystem.Apr 16, 2025 am 11:10 AM

Technical Setup for Bonk Price Recovery According to prominent crypto analyst Altcoin Sherpa, Bonk is showing signs of a potential rebound.

Securitize Acquires MG Stover's Fund Administration Business to Become the Largest Digital Asset Fund AdministratorSecuritize Acquires MG Stover's Fund Administration Business to Become the Largest Digital Asset Fund AdministratorApr 16, 2025 am 11:08 AM

Securitize, one of the largest tokenized asset issuers, said on Tuesday it has acquired MG Stover's fund administration business

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
Will R.E.P.O. Have Crossplay?
1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Atom editor mac version download

Atom editor mac version download

The most popular open source editor

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

PhpStorm Mac version

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools