
Author Topic: Hackers Breach Popular Web Analytics Site to Target Crypto Exchange  (Read 1045 times)

Offline Pegasus

Cryptocurrency exchange Gate.io was apparently the target of hackers who compromised a widely used web analytics platform this week.

According to a report from internet security firm ESET on Tuesday, bad actors compromised popular, Ireland-based web analytics site StatCounter, in an attempt to steal bitcoin from the exchange's customers.

The attackers managed to inject malicious code into the script of the StatCounter webpage, having also registered a domain very similar to the official one. The fake domain swapped two letters from the original to form "StatConuter", which can be difficult to spot while scanning for unusual activity, says ESET, adding that the domain had previously been suspended in 2010 for association with abusive behaviour.

StatCounter is used by more than two million websites, according to its own figures, and it provides statistics on billions of web hits daily. The fake account managed to get picked up by a number of sites, although Gate.io seems to have been the only target.

The report states that the script targets a specific uniform resource identifier (URI): "myaccount/withdraw/BTC."

"It turns out that among the different cryptocurrency exchanges live at time of writing, only Gate.io has a valid page with this URI. Thus, this exchange seems to be the main target of this attack," it concludes.

The URI is notably used by Gate.io to transfer bitcoin from its own account to an external bitcoin address, according to the report.

The script automatically replaces the user's bitcoin address with one belonging to the attackers, the report indicates.

As the malicious server generates a new bitcoin address each time a visitor loads the StatConuter script, "it is hard to see how many bitcoins have been transferred to the attackers," the researchers say.

After being notified by ESET about the breach, Gate.io announced Wednesday that it "immediately removed" the StatCounter service from its site, and stressed that the users' funds are "safe."

CoinMarketCap data indicates that Gate.io is the 38th largest crypto exchange globally by adjusted trading volume.

Source
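
An added example, not part of the original post or of ESET's report: a check a site operator could run over the third-party script URLs on a page, flagging hosts whose name is a one-edit lookalike of an allowlisted analytics domain (a swap of two adjacent letters, as in "StatConuter", counts as one edit). The allowlist contents, the `.example` hosts (the post does not give the fake domain's TLD) and all function names are assumptions for illustration.

```javascript
// Allowlisted third-party script domains (assumption for this example).
const TRUSTED = ["statcounter.com"];

// Optimal string alignment distance: insert, delete, substitute,
// plus transposition of two adjacent characters, each costing 1.
function osaDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i, ...Array(b.length).fill(0)]);
  for (let j = 0; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

// Simplification: treat the last two labels as the registrable domain
// (a production check would consult the Public Suffix List).
function registrable(host) {
  return host.toLowerCase().replace(/\.$/, "").split(".").slice(-2).join(".");
}

function classifyScriptSrc(src, trusted = TRUSTED, maxDistance = 1) {
  let host;
  try { host = new URL(src).hostname; } catch { return { src, verdict: "invalid" }; }
  const domain = registrable(host);
  if (trusted.includes(domain)) return { src, verdict: "trusted", domain };
  const name = domain.split(".")[0];
  for (const t of trusted) {
    // Distance 0 here means the same name on a different TLD: still a lookalike.
    const distance = osaDistance(name, t.split(".")[0]);
    if (distance <= maxDistance) return { src, verdict: "lookalike", domain, resembles: t, distance };
  }
  return { src, verdict: "unknown", domain };
}

// Returns only the findings an operator should review.
function auditScripts(srcs) {
  return srcs.map((s) => classifyScriptSrc(s)).filter((r) => r.verdict !== "trusted");
}

// Constructed sample input: script URLs as they might appear in a page's <script src>.
const SAMPLE = ["https://www.statcounter.com/counter/counter.js",
  "https://www.statconuter.example/c.js", "https://cdn.widgets.example/w.js"];
console.log(auditScripts(SAMPLE));
```
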
