Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Home » News » Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io
November 7, 2018 by
Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Hackers have attacked an internet site called StatCounter, an internet analytics system similar to Google analytics, to swipe Bitcoin, according to a research study report. The report stated that a supply chain strike was released on StatCounter by infusing a malicious javascript code to modify the javascript used by the internet site. StatCounter is an analytics platform which has more than 2 billion member websites. A hacked StatCounter means that the hacker can infuse code in all the web sites that utilize StatCounter.

The script at www.statcounter [] com/counter/counter. js was changed by the aggressors to include a piece of code in the middle of the manuscript. Normally cyberpunks add code at the start or at the end of the manuscript. Including code in the middle of a manuscript can avoid discovery as a questionable code in the middle of the script is more difficult to recognize.

The piece of code added by the hackers was configured to detect any kind of LINK that contains myaccount/withdraw/BTC. This indicates that hackers were trying to take Bitcoin from a system which traded Bitcoin. After effective recognition of the desired URL, the script will certainly include a brand-new script aspect to the webpage associated to the LINK and also fuse the code at https://www.statconuter [] com/c. php.

Hacking done the wise way
The domain used by the hackers is extremely comparable to the initial domain name. The hackers have turned two letters from StatCounter, which makes it tougher to find the destructive manuscript. According to the record this domain has actually been suspended in 2010 therefore spam as well as misuse.
The study found that the LINK, myaccount/withdraw/BTC, targeted by the code was active on only one page and also the page came from Gate.io, a crypto exchange. Therefore, the study concludes that Gate.io was the major target of the hack. Gate.io attributes over a million bitcoin purchases implying that the robbing Bitcoins from the exchange walking cane pay.

The website https://www.gate [] io/myaccount/withdraw/ BTC is made use of to transfer bitcoin from a gate.io account to an outside Bitcoin address. Throughout the 2nd step in the transaction procedure when the user clicks the send button for the withdrawal, the harmful manuscript will transform the destination Bitcoin address. The cyberpunks appear have raised the stake by altering the Bitcoin address with each deal making it tough to identify the number of Bitcoins moved to fake addresses.

© Copyright 2018. Crypto Clast. Designed by Space-Themes.com.