A popular cryptocurrency exchange is the victim of the latest string of hacks who compromised a widely used web analytics platform earlier in the week.
According to a recent report from the internet security firm ESET, an Irish based web analytics site StatCounter was hacked in an attempt to steal Bitcoin from customers of the Gate.io cryptocurrency exchange.
Data from CoinMarketCap shows that Gate.io is the 38th biggest crypto exchange around the world by trading volume and according to the companies website they are based in the Cayman Islands.
The hackers used malicious code into the script of the Irish analytics site and also registered a similar domain to the official one. The fake domain-swapped round two letters from the original which resulted in ‘StatConuter’ and when your scanning for unusual activity isn’t something that’s easy to spot according to ESET. they added that the domain had previously been suspended in 2010 for association with abusive behaviour.
StatCounter has over two million websites to look over and provides statistics on billions daily web hits all the time. The fake account managed to get picked up by several sites despite Gate.io being the only target this time around.
In the report it states:
“It turns out that among the different cryptocurrency exchanges live at the time of writing, only Gate.io has a valid page with this URI. Thus, this exchange seems to be the main target of this attack.”
According to CoinDesk, the URL is notably used by Gate.io to transfer Bitcoin from its own account to an external Bitcoin address according to the report. The hackers’ script automatically replaces a users Bitcoin address with one that was owned by one of the hackers.
As the harmful server generates a new Bitcoin address each time a visitor loads the StatConuter script, “it is hard to see how many bitcoins have been transferred to the attackers,” according to the researchers.
After the cryptocurrency exchange was alerted by ESET regarding the breach, Gate.io revealed that they had removed the StatCounter service from its site immediately and wanted to make it known that all the user’s funds were safe.
What are your thoughts? Let us know what you think down below in the comments!