PANews reported on October 31 that according to Scam Sniffer monitoring, Lottie Player suffered a supply chain attack earlier today, which may have affected projects such as 1inch and Movement.
In addition, Yu Xian, the founder of SlowMist, commented: "Another supply chain poisoning attack, done by Ace Drainer-related phishing gangs, poisoning the front-end script modules that well-known Web3 projects rely on. Fortunately, it was discovered in time and the impact should not be large. If your project uses the Lottie Player module, please check whether there is any malicious code introduced (currently known versions 2.0.4 and the latest version 2.0.8 do not have malicious code)."
