Trusted

Crypto Exchange Gate.io Targeted by Cybercriminals

2 mins
Updated by Adam James
Join our Trading Community on Telegram

In Brief

  • Another day, another hack!
  • promo

Hackers are getting more and more inventive in their attempts to steal virtual coins from users of cryptocurrency exchanges. Just ask Gate.io.
According to the latest report published by anti-virus company ESET, a group of unknown cybercriminals breached Ireland-based web analytics platform StatCounter and integrated a malicious code to a plugin for gathering statistics on website visitors.

What Happened?

The attackers managed to modify the script of an external JavaScript file that webmasters usually embed into web pages they want to be tracked. Thus, by compromising the StatCounter platform, the attackers got the opportunity to disseminate their code among all websites that use the StatCounter tool — a big deal, considering that StatCounter gathers stats on more than 10 billion page views per month and has over 2 million registered websites. The malicious script was hidden in the middle of the script, which is why it took some time to discover the modification.

Two Million Potential Victims, One Real Target

The hackers used a fake domain with a name very similar to the legitimate StatCounter address. Careless users clicked the fake link and went to the domain registered by hackers. Out of millions of websites connected to StatCounter, the hackers targeted the cryptocurrency exchange Gate.io — because its the only site that uses the Uniform Resource Identifier (URI) ‘https://www.gate.io/myaccount/withdraw/BTC’ to transfer Bitcoins from its own account to external addresses. Bitcoin hack

How it Worked

The code automatically replaced the Bitcoin address entered by a Gate.io user with an address belonging to the hackers. While the administration of the exchange claim that users’ funds are out of danger, it is hard to say how many bitcoins (BTC) were actually stolen by hackers. Most likely the victims didn’t notice anything wrong as a new address was generated each time a visitor loaded the statconuter[.]com/c.php script and the replacement happened after they clicked “submit” button. Gate.io performs Bitcoin transactions to the tune of $1.6 million on a daily basis, which makes it a lucrative target for hackers. Have you ever used Gate.io? Let us know your thoughts in the hack in the comments below! 
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Tanya-Chepkova.png
Tanya Chepkova
Tanya started as a financial news feed translator and worked as a financial analyst, news editor and content creator in various Russian and Foreign media outlets. She came to the cryptocurrency industry in 2016.
READ FULL BIO
Sponsored
Sponsored