Hackers Breach Popular Web Analytics Site to Target Crypto Exchange

Cryptocurrency exchange Gate.io was apparently the target of hackers who compromised a widely used web analytics platform.

Nov 7, 2018 at 1:05 p.m. UTC
Updated Sep 13, 2021 at 8:34 a.m. UTC

Cryptocurrency exchange Gate.io was apparently the target of hackers who compromised a widely used web analytics platform this week.

According to a report from internet security firm ESET on Tuesday, bad actors compromised Ireland-based web analytics site StatCounter, in an attempt to steal bitcoin from the exchange's customers.

The attackers managed to inject malicious code into the script of StatCounter webpage, having also registered a domain very similar to the official one. The fake domain swapped two letters from the original to form "StatConuter", which can be difficult to spot while scanning for unusual activity, says ESET, adding that the domain had previously been suspended in 2010 for association with abusive behaviour.

StatCounter is used by more than two million websites, according to its own figures, and it provides statistics on billions of web hits daily.  The fake account managed to get picked up by a number of sites, although Gate.io seems to have been the only target.

The report states that the script targets a specific uniform resource identifier (URI): "myaccount/withdraw/BTC."

"It turns out that among the different cryptocurrency exchanges live at time of writing, only Gate.io has a valid page with this URI. Thus, this exchange seems to be the main target of this attack," it concludes.

The URI is notably used by Gate.io to transfer bitcoin from its own account to an external bitcoin address, according to the report. The hackers' script automatically replaces a user's bitcoin address with one belonging to the attackers.

As the malicious server generates a new bitcoin address each time a visitor loads the StatConuter script, "it is hard to see how many bitcoins have been transferred to the attackers," the researchers say.

After being notified by ESET about the breach, Gate.io announced Wednesday that it "immediately removed" the StatCounter service from its site, and stressed that the users' funds are "safe."

CoinMarketCap data indicates that Gate.io is the 38th largest crypto exchange globally by adjusted trading volume. The firm's website indicates it is based in the Cayman Islands.

Hacker image via Shutterstock 

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
El presidente de El Salvador promueve la adopción de bitcoin entre países emergentes

Nayib Bukele recibe a representantes financieros de 44 economías en desarrollo en la reunión anual de la Alianza para la Inclusión Financiera.

Nayib Bukele recibe a representantes financieros de 44 economías en desarrollo en la reunión anual de la Alianza para la Inclusión Financiera.

2
Crypto Wallet BitKeep Raises $15M at $100M Valuation

Dragonfly Capital led the round, which will fund a cross-chain DAO for wallet users.

Dragonfly Capital led the round, which will fund a cross-chain DAO for wallet users.

3
SEC’s Gensler Uses Crypto Oversight Needs as Case for Higher Budget

SEC Chair Gary Gensler told U.S. House budget appropriators that he’d like to be doing more to protect crypto investors.

SEC Chair Gary Gensler told U.S. House budget appropriators that he’d like to be doing more to protect crypto investors.

4
Mike Novogratz Ends Twitter Silence, Shares Take on UST/LUNA Crash

The Galaxy Digital CEO confirmed that his company had been taking profits on its Terra holdings this year.

The Galaxy Digital CEO confirmed that his company had been taking profits on its Terra holdings this year.