Cryptocurrency hackers have attacked one of the internet’s most used traffic analytics services, StatCounter, in order to siphon Bitcoin $BTC▼0.81% from users of online exchange desk Gate.io.
In a targeted attack, hackers breached StatCounter to such an extent that over 688,000 websites were caught loading the malicious script, ZDNetreports.
StatCounter is much akin to Google Analytics, in that it allows analysis of the internet traffic flowing through websites. Webmasters must add special StatCounter code to their sites in order to get the statistics, an aspect of its design that hackers appear to have leveraged to spread their malicious code as widely as possible.
The attack redirected the Bitcoin of cryptocurrency traders, particularly when Gate.io users withdrew or transferred their Bitcoin. The code simply replaced any Bitcoin address entered into the page with one owned by the hackers.
Security researchers from ESET, a Slovakian cybersecurity firm, were the first to discover the exploit, which it describes as a “supply-chain attack.” See more...