Two Million Potential Victims, One Real TargetThe hackers used a fake domain with a name very similar to the legitimate StatCounter address. Careless users clicked the fake link and went to the domain registered by hackers. Out of millions of websites connected to StatCounter, the hackers targeted the cryptocurrency exchange Gate.io — because its the only site that uses the Uniform Resource Identifier (URI) ‘https://www.gate.io/myaccount/withdraw/BTC’ to transfer Bitcoins from its own account to external addresses.
How it WorkedThe code automatically replaced the Bitcoin address entered by a Gate.io user with an address belonging to the hackers. While the administration of the exchange claim that users’ funds are out of danger, it is hard to say how many bitcoins (BTC) were actually stolen by hackers. Most likely the victims didn’t notice anything wrong as a new address was generated each time a visitor loaded the statconuter[.]com/c.php script and the replacement happened after they clicked “submit” button. Gate.io performs Bitcoin transactions to the tune of $1.6 million on a daily basis, which makes it a lucrative target for hackers. Have you ever used Gate.io? Let us know your thoughts in the hack in the comments below!
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.