Advertisement
AD

Main navigation

Attacks on Exchanges and Institutions for Stealing and Illegal Mining Intensify

Advertisement
Wed, 7/11/2018 - 16:43
Attacks on Exchanges and Institutions for Stealing and Illegal Mining Intensify
Cover image via U.Today
Read U.TODAY on
Google News
Contents
Advertisement

Cryptocurrency hackers attacked one of the most frequently used Web traffic analysis services StatCounter to steal Bitcoins from users of Gate.io, an online exchange.

Malicious script

A deliberate attack resulted in more than 688,000 websites discovered to be loading the malicious script.

StatCounter is very similar to Google Analytics. It allows analyzing Internet traffic on the websites. To get this stat, a webmaster needs to add the StatCounter code to their site. This design aspect appears to be widely used by hackers to embed and distribute their malicious code.

The attack redirected traders’ crypto transactions while Gate.io users were trying to withdraw or transfer their BTC. The code simply replaced any entered on the page BTC address with a hacker’s one.

Related
Reddit: Bitmain’s Mining Pools Rejecting SegWit Transactions

The exploit was first discovered by the researchers of ESET, a Slovakian firm specializing in cybersecurity. They described it as a “supply-chain attack.” The attack affected almost a million websites, but the threat seems to have been localized to one specific URL domain: Gate.io, a cryptocurrency exchange with a turnover of more than $1.7 mln per day, experts from ESET noted.

The code used by hackers wouldn’t be malicious unless the link contained a specific line: “myaccount/withdraw/BTC.” According to security professionals, Gate.io is the only website using a URL having this string

Who was hurt?

A security hole appeared a few days ago, but it is still difficult to say exactly how many people were affected by this attack, as well as how much money hackers stole.

ESET notes that the script automatically generates a new Bitcoin address each time it is launched. This effectively neutralizes the ability to link BTC transactions together in a meaningful way, which frustratingly protects the attackers’ identity.

Related
Bank of Israel Warns against Launching Digital Shekel for Now

According to the Gate.io exchange, it intends to remove StatCounter from its website as soon as possible. The exchange also urged its users to enable 2FA and two-step login protection.

Canadian university under attack

St. Francis Xavier University in Nova Scotia, Canada, was forced to disable its campus network after it was discovered that hackers seized its computing power to surreptitiously mine crypto.

According to the administration, during the attack, no personal information was compromised. However, it caused quite a few problems on the campus.

Among others, the statement points out that the network shutdown made it impossible to use Wi-Fi and provide debit card transactions. The university says it is still recovering from the attack but expects its services to be restored and launched soon.

The attack epidemy

There were numerous crypto attacks on institutions over the past few months. Back in February, British researchers discovered tons of infected government websites mining Monero. More recently, it turned out that many hackers had also secretly seized Indian government websites for crypto mining.

According to research made by RWTH Aachen University, Monero crypto-jackers earn about $250,000 each month.

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD