Unknown hackers have integrated the malicious code on an Irish web Analytics service StatCounter to further hacking cryptocurrency exchanges Gate.io. This was announced by the specialists at the ESET virus lab.

According to their information, the hackers modified the script to an external JavaScript file www.statcounter.com/counter/counter.js used to collect statistical data about site visitors. Due to the fact that the malicious code was placed in the middle of the script, to detect the modification was not immediately apparent.

The script looks for in the URL string myaccount/withdraw/BTC and then adds on a web page, a new item code https://www.statconuter.сom/c.php. The link is designed for the carelessness of users and leads to the attackers registered domain. Analysts at ESET have discovered that the work of the pseudo-domain was suspended in 2010 due to malicious activities.

They also found that the ultimate goal of the hackers was just a crypto currency exchange Gate.io, as it uses uniform resource identifier https://www.gate.io/myaccount/withdraw/BTC to transfer bitcoins from own account to third party addresses.

“The malicious script automatically replaces bitcoin address of the user address of the attacker. Due to the fact that the server is cheaters generates a new address every time the user loads the script StatConuter, it is difficult to determine how many bitcoins could be stolen”, — said the representative of ESET.

Currently, the service StatCounter removed from the site Gate.io. The user bitcoin exchange declared that “all assets of its users safe.”

According to CoinMarketCap, every day at the Gate.io traders carry out a bitcoin transaction worth $1.6 million

We will remind, earlier in November, hackers are touting a distribution of 10 000 bitcoins using fake Twitter accounts Elon musk, requiring potential participants to send from 0.1 to 1 BTC to the specified address. The damage from actions of malefactors has exceeded $170 thousand.

Download the app ForkLog for Android smartphones!