Cryptocurrency exchange Gate.io could be the target of a cyber-attack that hacked into this week, a popular web Analytics service, according to the company ESET.
According to her information, hackers broke into the Irish web Analytics service StatCounter. They were able to integrate malicious code into the StatCounter page. They also registered a domain that is difficult to distinguish from the original, swapping two letters and thus obtaining “StatConuter”. ESET notes that this domain was already suspended in 2010 due to its Association with malicious activity.
StatCounter is used by more than 2 million websites, according to its own data. The fake account was taken for the original a variety of websites, but attackers probably were only interested in the exchange Gate.io.
The researchers note that the malicious script was targeted at a unified resource identifier (URI)”myaccount/withdraw/BTC”.
It was established that all of the plurality of exchanges, which functioned at the time of this writing, only Gate.io is the current page at that URI. Thus, the exchange was the main target of the attack
the company writes.
The specified identifier is used by the Gate exchange.io to transfer bitcoins from her own account to third party addresses. The malicious script automatically replaces the bitcoin address of the user with the address of the attacker, the publication says. The attacker’s server generates a new address each time a user loads a StatConuter script, making it “difficult to determine how many bitcoins could have been stolen.”
Gate.io was notified about the vulnerability of employees and ESET reported that “immediately deleted” the service StatCounter from its website, stressing that all the assets of its users remain safe.