October 30, 2024
Fix hacked crypto wallet popup on your website
Justin Golden
webdev
Problem
Lottie Files was recently hacked with malware displaying a crypto wallet popup on websites. This seems to target websites with React, which also includes WordPress websites.
Solution
Downgrade to version 2.0.4 of lottie files.
If you have a newer version or @latest
(which is bad security practice for reasons now obvious), downgrade to 2.0.4 or earlier.
https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
More Blog Articles