PANews reported on October 31 that, according to Scam Sniffer monitoring, Lottie Player suffered a supply chain attack earlier today, which may have affected projects such as 1inch and Movement.

In addition, the founder of Slow Fog, Yu Xian, commented: “Another supply chain poisoning attack, related to the phishing gang behind Ace Drainer, targeting the front-end script module relied upon by well-known Web3 projects. Fortunately, it was discovered in time, and the impact should be minimal. If your project uses the Lottie Player module, be sure to check if any malicious code has been introduced (currently known versions 2.0.4 and the latest 2.0.8 do not contain malicious code).”