Hackers have breached StatCounter, one of many web’s largest net analytics platforms, and have inserted malicious code inside the corporate’s foremost site-tracking script.
In accordance to Matthieu Faou, the ESET malware researcher who found the hack, this malicious code hijacks any Bitcoin transactions made via the online interface of the Gate.io cryptocurrency exchange.
Faou says the malicious code was first added to this StatCounter script over the weekend, on Saturday, November three. The code continues to be stay, as this screenshot taken earlier than the article’s publication can attest.
In accordance to a PublicWWW search, there are over 688,000 web sites that at present seem to load the corporate’s monitoring script.
However in accordance to Faou, none of those firms have something to concern, no less than for now. It is because the malicious code inserted into StatCounter’s site-tracking script solely targets the customers of 1 web site –cryptocurrency exchange Gate.io.
The ESET researcher says that the malicious code appears on the web page’s present URL and will not activate until the web page hyperlink accommodates the “myaccount/withdraw/BTC” path.
Faou says that the one web site on which he recognized this URL sample was Gate.io, a significant cryptocurrency exchange, at present ranked 39th on CoinMarketCap’s rankings.
The URL focused by the malicious code is a part of a person’s account dashboard, and extra particularly it is the URL for the web page on which customers make Bitcoin withdrawals and transfers.
Faou says the malicious code’s goal is to secretly exchange any Bitcoin handle customers enter on the web page with one managed by the attacker.
“A special Bitcoin handle is used for every sufferer. We weren’t ready to discover the attackers’ foremost Bitcoin handle. Thus, we weren’t ready to pivot on the blockchain transactions and discover associated assaults,” Faou informed ZDNet, suggesting it is nonetheless not possible to decide the quantity of Bitcoin the group may need stolen.
Each ESET and ZDNet have reached out to StatCounter to inform it in regards to the safety breach, however the firm has not responded to both of us.
We additionally reached out to Gate.io, however the exchange, too, has not responded. Nonetheless, regardless of the radio silence, Gate.io admins have eliminated the StatCounter script from their web site.
“Gate.io does not use StatCounter anymore,” Faou informed ZDNet. “Thus, Gate.io clients ought to be secure now.”
Nonetheless, there are nonetheless questions with reference to the variety of Gate.io customers who may need been affected by this safety incident, and the reparations they could be entitled to, questions which Gate.io nonetheless wants to handle.