Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Home » News » Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io
November 7, 2018 by
Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Hackers have assaulted a website called StatCounter, a web analytics system similar to Google analytics, to steal Bitcoin, according to a research study record. The record stated that a supply chain attack was introduced on StatCounter by injecting a harmful javascript code to modify the javascript made use of by the site. StatCounter is an analytics system which has over 2 billion member internet sites. A hacked StatCounter indicates that the hacker can inject code in all the internet sites that make use of StatCounter.

The manuscript at www.statcounter [] com/counter/counter. js was modified by the enemies to add a piece of code in the middle of the script. Usually hackers add code at the beginning or at the end of the manuscript. Including code in the middle of a script can prevent discovery as a questionable code in the middle of the script is more difficult to identify.

The piece of code added by the hackers was set to spot any type of LINK which contains myaccount/withdraw/BTC. This indicates that cyberpunks were attempting to swipe Bitcoin from a system which traded Bitcoin. After effective recognition of the wanted URL, the manuscript will certainly include a brand-new script aspect to the web page connected to the LINK as well as fuse the code at https://www.statconuter [] com/c. php.

Hacking done the smart way
The domain name used by the hackers is really comparable to the original domain. The hackers have actually turned 2 letters from StatCounter, that makes it more challenging to find the harmful manuscript. According to the report this domain has actually been suspended in 2010 on account of spam as well as abuse.
The research study located that the LINK, myaccount/withdraw/BTC, targeted by the code was active on just one page and the web page came from Gate.io, a crypto exchange. As a result, the study ends that Gate.io was the main target of the hack. Gate.io functions over a million bitcoin purchases suggesting that the robbing Bitcoins from the exchange walking cane be profitable.

The webpage https://www.gate [] io/myaccount/withdraw/ BTC is utilized to transfer bitcoin from a gate.io account to an outside Bitcoin address. During the second action in the transaction process when the customer clicks the send button for the withdrawal, the malicious manuscript will alter the location Bitcoin address. The hackers appear have actually elevated the ante by transforming the Bitcoin address with each deal making it tough to determine the variety of Bitcoins transferred to phony addresses.

© Copyright 2018. BitCoin Palas. Designed by Space-Themes.com.