Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Home » News » Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io
November 7, 2018 by
Hackers launch supply chain attack in a bid to steal Bitcoin: targets Gate.io

Hackers have actually assaulted a web site called StatCounter, a web analytics system similar to Google analytics, to swipe Bitcoin, according to a research study record. The record stated that a supply chain strike was introduced on StatCounter by injecting a malicious javascript code to change the javascript used by the internet site. StatCounter is an analytics platform which has more than 2 billion participant internet sites. A hacked StatCounter suggests that the cyberpunk can inject code in all the websites that utilize StatCounter.

The manuscript at www.statcounter [] com/counter/counter. js was modified by the assailants to add a piece of code in the middle of the manuscript. Normally hackers include code at the beginning or at the end of the script. Adding code in the middle of a manuscript can stay clear of detection as a questionable code in the middle of the script is more challenging to recognize.

The piece of code included by the cyberpunks was configured to find any type of URL which contains myaccount/withdraw/BTC. This indicates that cyberpunks were attempting to take Bitcoin from a system which traded Bitcoin. After successful recognition of the preferred URL, the manuscript will include a brand-new script component to the page associated to the LINK and fuse the code at https://www.statconuter [] com/c. php.

Hacking done the wise way
The domain name utilized by the hackers is extremely comparable to the initial domain. The hackers have turned two letters from StatCounter, that makes it more difficult to identify the malicious manuscript. According to the record this domain name has actually been put on hold in 2010 on account of spam as well as abuse.
The research study discovered that the URL, myaccount/withdraw/BTC, targeted by the code was active on only one page and the page belonged to Gate.io, a crypto exchange. For that reason, the research study wraps up that Gate.io was the main target of the hack. Gate.io functions over a million bitcoin purchases suggesting that the robbing Bitcoins from the exchange walking stick pay.

The webpage https://www.gate [] io/myaccount/withdraw/ BTC is made use of to move bitcoin from a gate.io account to an outside Bitcoin address. During the 2nd step in the transaction process when the user clicks the send switch for the withdrawal, the harmful script will certainly change the destination Bitcoin address. The cyberpunks seem have actually raised the ante by changing the Bitcoin address with each deal making it tough to determine the number of Bitcoins transferred to fake addresses.

© Copyright 2018. The Biased Coin. Designed by Space-Themes.com.