{"id":174118,"date":"2024-10-31T12:56:25","date_gmt":"2024-10-31T12:56:25","guid":{"rendered":"https:\/\/crypto-economy.com\/?p=174118"},"modified":"2024-10-31T12:56:29","modified_gmt":"2024-10-31T12:56:29","slug":"1inch-hit-by-supply-chain-attack-users-funds-and-data-at-risk-heres-what-to-know","status":"publish","type":"post","link":"https:\/\/crypto-economy.com\/1inch-hit-by-supply-chain-attack-users-funds-and-data-at-risk-heres-what-to-know\/","title":{"rendered":"1inch Hit by Supply Chain Attack! Users\u2019 Funds and Data at Risk \u2013 Here\u2019s What to Know"},"content":{"rendered":"
TL;DR<\/span><\/p>\n 1inch <\/span><\/a>has fallen victim to a significant supply chain attack, compromising its website and posing severe risks to users’ funds and <\/span>personal data<\/span><\/a><\/strong>. The breach, which also affected other platforms like TEN Finance, originated from malicious code injected into the Lottie Player frontend library, a widely-used animation tool. <\/span><\/p>\n On Oct 30, 9:12 PM – 11:22 PM CET, 1inch dApp users may have encountered a malicious wallet connect and signature request.<\/p>\n This signature allows an attacker to drain user's funds.<\/p>\n Only the 1inch web dApp was affected; the 1inch Wallet, API, and protocols were never compromised.<\/p>\n — 1inch (@1inch) October 31, 2024<\/a><\/p><\/blockquote>\n\n
\n
\n<\/li>\n<\/ul>\n\n