
Differential analysis raises red flags over @lottiefiles/lottie-player

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

ReversingLabs researchers discovered malicious versions of the popular npm package @lottiefiles/lottie-player. Versions 2.0.5, 2.0.6, and 2.0.7 were compromised and used to spread malicious code designed to steal crypto wallet assets. The attackers altered the lottie-player.js file, replacing its code with their own. Differential analysis revealed significant changes in package size and behaviors, including the introduction of URLs related to Bitcoin exchange services. The compromise was quickly detected, and LottieFiles maintainers worked with npm to remove the malicious versions. This incident highlights the importance of secure development practices, such as pinning dependencies to specific versions and regularly conducting security assessments to verify the integrity of open-source libraries.
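The summary above describes the detection technique rather than showing it. The following script is an added example written for this page, not ReversingLabs' or LottieFiles' tooling: it performs a simple differential analysis between two versions of an npm package, reporting added or removed files, per-file size changes, and any network domains that appear in the new version but not the old one. The two package snapshots are constructed in-memory placeholders (the file contents and `.invalid` domains are invented and are not the real compromised code); in practice you would fill the dictionaries from two `npm pack` tarballs extracted to disk.

```python
"""Differential analysis of two versions of an npm package (added example).

Each package version is modelled as a mapping of relative path -> file bytes.
The sample data below is constructed for demonstration only.
"""
import re
from dataclasses import dataclass, field
from pathlib import Path
from urllib.parse import urlparse

# Matches absolute http(s) URLs embedded in source; quotes and brackets end a match.
URL_RE = re.compile(rb"https?://[^\s'\"<>)]+")


@dataclass
class DiffReport:
    added_files: list = field(default_factory=list)
    removed_files: list = field(default_factory=list)
    size_changes: dict = field(default_factory=dict)  # path -> (old_size, new_size)
    new_domains: dict = field(default_factory=dict)   # path -> sorted new hostnames
    flags: list = field(default_factory=list)         # human-readable findings


def extract_domains(data: bytes) -> set:
    """Return the set of hostnames referenced by URLs inside a file."""
    hosts = set()
    for match in URL_RE.finditer(data):
        host = urlparse(match.group().decode("ascii", "replace")).hostname
        if host:
            hosts.add(host)
    return hosts


def load_package_dir(root: str) -> dict:
    """Load an extracted package directory into the path -> bytes mapping."""
    base = Path(root)
    return {str(p.relative_to(base)).replace("\\", "/"): p.read_bytes()
            for p in base.rglob("*") if p.is_file()}


def diff_packages(old: dict, new: dict, growth_threshold: float = 1.5) -> DiffReport:
    """Compare two package snapshots and flag suspicious differences.

    A file is flagged when it grows by `growth_threshold` or more, when it
    references a domain the previous version did not, or when it is new.
    """
    report = DiffReport()
    report.added_files = sorted(set(new) - set(old))
    report.removed_files = sorted(set(old) - set(new))

    for path in sorted(set(old) & set(new)):
        if old[path] == new[path]:
            continue
        old_size, new_size = len(old[path]), len(new[path])
        report.size_changes[path] = (old_size, new_size)
        if old_size and new_size / old_size >= growth_threshold:
            report.flags.append(f"{path}: size grew {new_size / old_size:.1f}x")
        introduced = extract_domains(new[path]) - extract_domains(old[path])
        if introduced:
            report.new_domains[path] = sorted(introduced)
            report.flags.append(f"{path}: new domains {', '.join(sorted(introduced))}")

    for path in report.added_files:
        report.flags.append(f"{path}: file added")
        introduced = extract_domains(new[path])
        if introduced:
            report.new_domains[path] = sorted(introduced)

    for path in report.removed_files:
        report.flags.append(f"{path}: file removed")
    return report


# --- Constructed sample data (not real package contents) -------------------
CLEAN_JS = (b"/* lottie-player build */\n"
            b"function play(){ fetch('https://assets.lottiefiles.invalid/anim.json'); }\n")
INJECTED_JS = (b"(function(){fetch('https://collector.exchange.invalid/api',"
               b"{method:'POST'});})();\n") * 30

CLEAN_PKG = {
    "package.json": b'{"name":"@lottiefiles/lottie-player","version":"2.0.4"}',
    "dist/lottie-player.js": CLEAN_JS,
}
SUSPECT_PKG = {
    "package.json": b'{"name":"@lottiefiles/lottie-player","version":"2.0.5"}',
    "dist/lottie-player.js": CLEAN_JS + INJECTED_JS,
}

if __name__ == "__main__":
    for line in diff_packages(CLEAN_PKG, SUSPECT_PKG).flags:
        print(line)
```

To run this against real artefacts, fetch both versions with `npm pack <name>@<version>`, extract each tarball, and pass `load_package_dir(...)` results to `diff_packages`. Any newly introduced domain in a build artefact such as `dist/lottie-player.js` deserves a manual look before the version is allowed into a lockfile.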

OPENCTI LABELS:

cryptocurrency theft, supply chain attack, npm, package compromise, open-source security, differential analysis

