Hackers tried to attack the Gate.io crypto exchange by hacking the web analytics service
According to her information, hackers broke into the Irish web analytics service StatCounter. They managed to integrate malicious code into the StatCounter page. Also they are registered domain, difficult to distinguish from the original, by swapping two letters in places and thus getting “StatConuter”. ESET notes, what action of this domain already suspended in 2010 year due to him links with malicious activity.
StatCounter is used more than 2 million websites, according to his own data. Fake account has been accepted per original by many sites, but attackers were probably interested in only Gate.io exchange.
The researchers note that the malicious script targeted the Uniform Resource Identifier (URI) “myaccount / withdraw /BTC“.
“It was found that of the entire set of exchanges that functioned in time writing this material, only Gate.io has a valid page with this URI. Thus, the exchange was the main target of the attack. “, – writes company.
The specified identifier is used exchange Gate.io for transferring bitcoins from its own invoices to third-party addresses. The malicious script automatically replaces the user’s bitcoin address with the attacker’s address, the publication says. The attacker’s server generates new address every time the user loads the StatConuter script, of-for what “it is difficult to determine how much bitcoins could have been stolen “.
Gate.io was notified about vulnerabilities by ESET employees and reported, what “right away the same removed the “StatCounter service from his site, emphasizing that everything assets her users stay safe.