Hackers Infiltrate 600Ok Websites Through StatCounter in Search of Bitcoin
Cybercriminals have hacked one of the most important web page site visitors analytics platforms on the net, and with it have injected malicious code into over 600,000 web pages in an try to acquire get admission to to Bitcoin held at cryptocurrency trade Gate.io.
Gate.io Targeted Through StatCounter Backdoor
Matthieu Faou, malware researcher for the Bratislava, Slovakia-based cybersecurity company ESET, has found out a line of malicious code in a web page traffic-tracking script equipped by means of main web page analytics company StatCounter, stories ZDNet.
StatCounter, like Google Analytics and Alexa, monitor quite a lot of metrics web pages use for target market construction, gross sales conversations and a lot more. Websites are required so as to add a line of code to their websites, which then tracks those positive web page statistics. However, that requirement has became a vulnerability, resulting in over 688,000 web pages loading the road of malicious code.
The just about 700,000 web pages seem to be protected from any doable hurt, because the malicious code particularly objectives Bitcoin transactions being made thru well-liked cryptocurrency trade Gate.io. Gate.io is these days ranked 40th by means of adjusted buying and selling quantity, in step with information from CoinMarketCap, with just about $50 million in day by day buying and selling quantity, making the trade a primary goal for cybercriminals.
The ESET malware researcher says that the code was once first added to StatCounter’s website-tracking script on November three, and the code continues to be these days energetic 4 days later. Faou claims to have reached out to StatCounter, however has but to obtain a reaction.
Faou provides that the malicious code very particularly searches for internet pages that include the URL trail “myaccount/withdraw/BTC” – a URL string this is uniquely discovered at the segment of Gate.io that manages a consumer’s Bitcoin transfers.
The code, Faou says, purposes like commonplace cryptocurrency-targeting clipboard malware, the place right kind Bitcoin pockets addresses are changed by means of pockets addresses owned by means of the cybercriminals who injected the code.
The hackers have additionally taken steps to cover their tracks, the usage of a distinct Bitcoin cope with for each and every new sufferer that falls prey to the malware. Users won’t even understand the alternate of cope with till it’s too past due, because the malware is designed to cause after the consumer clicks at the post button to switch finances. Because of the entire uncertainty surrounding the hack, Faou says it’s unknown what number of BTC the hackers have made off with consequently.
Gate.io has since made a observation on Twitter, claiming to have got rid of the StatCounter monitoring script from its web page. However, there nonetheless seems to be a vulnerability in StatCounter’s safety that might impact any of the 2 million web pages StatCounter services and products. StatCounter itself is ranked a number of the best 2,500 web pages in the United States, and is ranked five,072 globally, in step with Alexa Traffic Ranking information.
Featured symbol from Shutterstock.