 This looks like an XSS attack 
 👀 
 My friend sent me the same image yesterday asking the same thing. What is this exactly? 
 This is like a phishing thing, right? Where the attacker just hopes you will clicky click on the scam wallets? @hodlbod 
 AAH! Could be.  
 Yep, exactly. Definitely don't use it. 
 fwiw, I did a malware scan now and found nothing. So all good 😊  
 Replicated it, it's an XSS 
 Holy shit! https://github.com/airbnb/lottie-web/issues/3127 
 So now we can blame Airbnb? 
 You're much faster than I am 
 Amazing. I was just inspecting that too, but seemed like an innocuous library. 
 If you're getting a wallet connect popup on primal desktop... DON'T connect to it.

nostr:note1zjqtju8gx6sr6ud0xw207ezpnn9jcgnvwlp6075fgrhtk9hd5m7quy7hng  
 They're attacking  
 I'm not sure it is specific to nostr or primal, anyone using this plugin would probably be affected. 
 In my case I'm not using primal 
 nostr:nevent1qqspfq9ewr5rdgpawxhn898lv3qeejevyfk80sa8l2y5pm4mzmk6dlqpzemhxue69uhkummnw3ex2mrfw3jhxtn0wfnj7q3qq3sle0kvfsehgsuexttt3ugjd8xdklxfwwkh559wxckmzddywnwsxpqqqqqqz3dsavw 
 Nostr devs on top of things 🫡 
 Insane, primal just removed the lottie-player https://github.com/PrimalHQ/primal-web-app/commit/299a26daa1ec6ebc642e117827c9b21c0b3117ec 
 Yep, just discovered myself that this is the source of the issue: https://github.com/airbnb/lottie-web/issues/3127 
 Last time there was an xss vulnerability on nostr (anigma) lots of people leaked their nsecs 
 The WalletConnect popup on the browser webpage. Instead of zapping it would bring up a bunch of shitcoin wallets. HodlBod clarified that it was likely an XSS Attack and was able to replicate it. Primal since removed the Lottie player. 

nostr:nevent1qqsd8r8gkljxp08q6x8rh26zevsduf26kegkvde9p57pu3qwfvv06nqpzdmhxue69uhhwmm59e6hg7r09ehkuef0qgsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgsrqsqqqqqp7mxule