Company:
Date Published: Oct. 31, 2024
Author: Liran Tal
Word count: 825
Language: English
Hacker News points: 2

Summary

On October 31st, 2024, the popular npm library @lottiefiles/lottie-player was found to contain malicious code that prompted users to connect their crypto wallets. The malicious code was added after an npm registry account token used for publishing the package was compromised. Safe and vulnerable version ranges for the Lottie Player npm package are provided, along with instructions on how to use Snyk to determine whether you have installed one of the malicious versions. This incident follows a similar attack vector that impacted the Polyfill library in June 2024, which likewise attempted to steal cryptocurrency from users' crypto wallets.