Experts of the company ESET, a developer of products in the field of cyber security, has published the findings of a study conducted by them on the trail of the perfect November 3 attack on the Irish platform web Analytics StatCounter. According to them, the target of the attack could be cryptocurrency exchange

Usually, in order to effectively take advantage of StatCounter to collect statistics, webmaster add to site pages JavaScript code www.statcounter[.]com/counter/counter.js. With his help, having access to the management service of analysis, could allow an attacker to compromise visitors of more than 2 million resources. However, according to ESET, most likely, the main goal of the hackers was a crypto currency exchange, since the time of the attack she only used universal resource identifier (URI) myaccount/withdraw/BTC, which the exchange generally applies to transfer bitcoins to third party addresses.

Attackers could use script https://www.statconuter.сom/c.php to replace the bitcoin address of their choice – and to steal money from the crypto currency exchange. In this case the domain with the same name, which was changed a few letters, indeed had previously been registered and in 2010 had already been blocking.

After receiving a warning from ESET experts in got rid of the StatCounter code and stated that scriptactive users out of danger.

We will remind, in September, ESET has discovered a new species of covert mining. In this mining cryptocurrency on the victim’s computer takes place directly in the browser using JavaScript files.