Gate.io Bitcoin Transactions Breached by Hacking StatCounter

March 11, 2019
Gate.io Bitcoin Transactions Breached by Hacking StatCounter

Malicious Hackers have broken StatCounter, one of the web’s biggest web investigation stages, and have embedded pernicious code inside the organization’s principle website following content.

As per Matthieu Faou, the ESET malware specialist who found the hack, this pernicious code seizes any Bitcoin exchanges made through the web interface of the Gate.io digital currency trade.

“We reached [StatCounter] yet they haven’t answered yet,” Faou revealed to ZDNet today in an email. “The JavaScript record at www.statcounter[.]com/counter/counter.js is still bargained.”

Faou says the noxious code was first added to this StatCounter content throughout the end of the week, on Saturday, November 3. The code is still live, as this screen capture taken before the article’s distribution can confirm.

 

This JavaScript document is the focal bit of StatCounter’s investigation benefit. Like the Google Analytics following code, organizations stack this content on their destinations to track visits and audit activity history.

 

As per a PublicWWW look, there are more than 688,000 sites that right now seem to stack the organization’s following content.

 

In any case, as indicated by Faou, none of these organizations have anything to fear, at any rate until further notice. This is on account of the noxious code embedded into StatCounter’s site-following content just focuses on the clients of one site – digital currency trade Gate.io.

The security firm analyst says that the pernicious code takes a gander at the page’s present URL and won’t enact except if the page interface contains the “myaccount/pull back/BTC” way.

Faou says that the main site on which he distinguished this URL design was Gate.io, a noteworthy digital money trade, right now positioned 39th on CoinMarketCap’s rankings.

 

The URL focused by the vindictive code is a piece of a client’s record dashboard, and all the more particularly it’s the URL for the page on which clients make Bitcoin withdrawals and exchanges.

Faou says the noxious code’s motivation is to subtly supplant any Bitcoin address clients enter on the page with one controlled by the assailant.

Nonetheless, there are still inquiries with respect to the quantity of Gate.io clients who may have been influenced by this security occurrence, and the reparations they may be qualified for, questions which Gate.io still needs to address.

The StatCounter occurrence is only the most recent episode in a considerable rundown of late inventory network assaults by means of outsider JavaScript code stacked on genuine destinations. In the previous year, heels have hacked a few online administrations to convey in-program digital currency mining contents or card-skimming code to clueless clients.

Just IN – November 8, 8:49am ET: A StatCounter representative disclosed to ZDNet today that the organization had expelled the vindictive code from its content on Tuesday, November 6, not long after ESET’s disclosures. Gate.io, the influenced trade has additionally distributed a security warning on its site where it said it expelled StatCounter from its site’s code and furthermore cleared up that it hadn’t gotten any reports of lost assets from its clients.

 

About the author

Leave a Reply