Recently, there has been an increase in cases of malware downloads aimed at emptying cryptocurrency wallets. It infiltrates websites through a vulnerability in the popular JavaScript library for creating user interfaces, React, reports Cointelegraph.
On December 3, the React team reported that white hat hacker Lachlan Davidson discovered a vulnerability that allows for remote code execution without authentication. On the same day, specialists released an update.
According to the non-profit cybersecurity organization Security Alliance (SEAL), attackers are using this vulnerability to stealthily add drainers' code to cryptocurrency sites.
SEAL emphasized that not only Web3 protocols are at risk, but all websites in general. Users were advised to exercise extreme caution when signing any transactions or permissions.#Write2Earn
