THELOGICALINDIAN - Cybercriminals accept afraid one of the better website cartage analytics platforms on the web and with it accept injected awful cipher into over 600000 websites in an attack to accretion admission to Bitcoin captivated at cryptocurrency barter Gateio
Gate.io Targeted Through StatCounter Backdoor
Matthieu Faou, malware researcher for the Bratislava, Slovakia-based cybersecurity close ESET, has apparent a band of awful cipher in a website traffic-tracking calligraphy provided by arch website analytics close StatCounter, letters ZDNet.
StatCounter, like Google Analytics and Alexa, clue assorted metrics websites use for admirers development, sales conversations and abundant more. Websites are appropriate to add a band of cipher to their sites, which again advance these assertive website statistics. However, that claim has angry into a vulnerability, arch to over 688,000 websites loading the band of awful code.
The about 700,000 websites arise to be safe from any abeyant harm, as the awful cipher accurately targets Bitcoin affairs actuality fabricated through accepted cryptocurrency barter Gate.io. Gate.io is currently ranked 40th by adapted trading volume, according to abstracts from CoinMarketCap, with about $50 actor in circadian trading volume, authoritative the barter a prime ambition for cybercriminals.
The ESET malware researcher says that the cipher was aboriginal added to StatCounter’s website-tracking calligraphy on November 3, and the cipher is still currently alive four canicule later. Faou claims to accept accomplished out to StatCounter, but has yet to accept a response.
“The JavaScript book at www.statcounter[.]com/counter/counter.js is still compromised,” Faou explained.
Faou adds that the malicious code actual accurately searches for web pages that accommodate the URL aisle “myaccount/withdraw/BTC” – a URL cord that is abnormally begin on the area of Gate.io that manages a user’s Bitcoin transfers.
The code, Faou says, functions like accepted cryptocurrency-targeting clipboard malware, area actual Bitcoin wallet addresses are replaced by wallet addresses endemic by the cybercriminals who injected the code.
The hackers accept additionally taken accomplish to adumbrate their tracks, application a altered Bitcoin abode for anniversary new victim that avalanche casualty to the malware. Users may not alike apprehension the change of abode until it’s too late, as the malware is advised to activate afterwards the user clicks on the abide button to alteration funds. Because of all the ambiguity surrounding the hack, Faou says it is alien how abounding BTC the hackers accept fabricated off with as a result.
Gate.io has back fabricated a statement on Twitter, claiming to accept removed the StatCounter tracking calligraphy from its website. However, there still appears to be a vulnerability in StatCounter’s aegis that could aftereffect any of the two actor websites StatCounter services. StatCounter itself is ranked amid the top 2,500 websites in the United States, and is ranked 5,072 globally, according to Alexa Traffic Ranking data.
