Cryptohackers Breach StatCounter to Steal Bitcoins

November 24, 2018
Cryptohackers Breach StatCounter to Steal Bitcoins

Cryptocurrency suffered big revenue loss since the beginning of 2017 as hackers find it more lucrative leaving Ransomware behind, That is (US)$882 million in funds stolen via focused assaults throughout at the least 14 exchanges. This hack provides another to the checklist,” Waller advised TechNewsWorld. CyrGate.io bitcoin exchange platform account holders were breached after adding malicious code to its StatCounter.

Bitcoin transactions online were hijacked and concealed of its activity since the code contains the path “myaccount/withdraw/BTC” path. The malicious code secretly can replace any bitcoin address that users enter on the page with one controlled by the attacker. Security experts view this breach as critical because so many websites load StatCounter’s tracking script. In this instance, attackers chose to target the users at Gate.io, an important cryptocurrency exchange, said Eset’s Faoul. When a user submitted a bitcoin withdrawal, attackers in real time replaced the destination address with an address under their control.

 

Attackers were able to target Gate.io by compromising a third-party organization, a tactic known as a “supply chain attack.” They could have targeted many more websites, Faoul noted.

 

“This security breach is really important considering that — according to StatCounter — more than 2 million websites are using their analytics platform,” Faou told TechNewsWorld. “By modifying the analytics script injected in all those 2 million websites, attackers were able to execute JavaScript code in the browser of all the visitors of these websites.”

 

The breach additionally is critical as a result of it reveals elevated sophistication amongst hackers concerning the instruments and strategies they use to steal cryptocurrency, famous George Waller, CEO of
BlockSafe Applied sciences.

“So many corporations throughout the cryptocurrency house depend on third-party corporations for various duties and duties. The ramification of this outsourcing is a lack of accountability. This places many corporations in a troublesome spot, unable to find assaults of this nature earlier than it’s too late,” he advised TechNewsWorld.

As a substitute, community admins ought to work towards creating in-house variance of their instruments and merchandise, from starting to finish, Jian prompt, to make sure that management of those safety measures lies inside their attain.

 

About the author

Leave a Reply