Hackers infect 700K sites to steal crypto

Cybersecurity firm ESET has made a scary discovery.  Researchers and analysts at the company have determined that a popular tool used to provide statistics on webpage traffic has been compromised to allow hackers to steal Bitcoin (BTC).  In one targeted attack, more than 688,000 websites were found to be loading the malicious script.

StatCounter is a tool for web traffic analysis that is found on millions of sites.  It is similar to Google Analytics and works through a special script that is added to the website's code.  ESET indicates that hackers were able to manipulate the script to conduct their crypto-stealing escapades.

According to ESET's announcement, "On November 3, attackers successfully breached StatCounter, a leading web analytics platform. This service is used by many webmasters to gather statistics on their visitors – a service very similar to Google Analytics. To do so, webmasters usually add an external JavaScript tag incorporating a piece of code from StatCounter  – www.statcounter[.]com/counter/counter.js – into each webpage. Thus, by compromising the StatCounter platform, attackers can inject JavaScript code in all websites that use StatCounter."

The code specifically targeted users of the Gate.io crypto exchange.  The hackers were able to configure the code to change crypto wallet addresses on target machines.  Once the target was infected, any time a user made a transaction, they ran the risk of having the crypto sent to a hacker's address, instead of the intended recipient's address.

Gate.io handles more than $1.7 million daily in crypto, according to CoinMarketCap.  The company has announced that it is going to remove the StatCounter script from its site and is urging users to enable two-factor authentication for their accounts.

Don't Miss these Cryptocurrency Stories
  • JOIN NOW
    Join the most trusted US poker site since 2001 and get a 100% bonus on your first deposit, up tp $1,000!
  • STAY UP TO DATE
    Stay up to date on the latest poker news through social media. Join us at Facebook/americascardroomnet and follow us @ACR_POKER on Twitter. We invite you to share ideas and reactions.