Slow Fog Cosine: The supply chain poisoning attack on Lottie Player is related to a phishing gang called Ace Drainer, and the relevant projects need to check the security of the front-end script modules

ChainCatcher news, Slow Mist founder Cosine stated that Lottie Player was attacked by supply chain poisoning, with Ace Drainer related to phishing gangs poisoning the front-end script module Lottie Player relied on by well-known Web3 projects. Fortunately, it was discovered in time, and the impact should be minimal.

If your project uses the Lottie Player module, please check whether there is any malicious code introduced (currently known versions 2.0.4 and the latest 2.0.8 do not contain malicious code).