The front-end websites of several online crypto apps were compromised on Oct. 30 after attackers injected malicious code into an update of a popular and widely used animation library. Decentralized finance apps, including 1inch and TEN Finance, showed popups asking users to connect their wallet, which was actually for the crypto drainer “Ace Drainer,” crypto security platform Blockaid said in an Oct. 30 X post. Gal Nagli, a security lead at cybersecurity firm Wiz, explained the compromise was from a “massive supply chain attack” on the Lottie Player library — a hugely popular service that prov…