Hackers breach popular web analytics platform to attack crypto exchange

According to research by IT security company, ESET, on November 3, hackers breached StatCounter, a popular web analytics platform. StatCounter is used by websites to gather statistics on their visitors. Websites do this by inserting a StatCounter code into their web pages. One of StatCounter's users and the main target of the attack is cryptocurrency exchange, Gate.io. The hackers that breached StatCounter inserted malicious code into platform's script. On Gate.io, this malicious code secretly replaces a user's bitcoin withdrawal address to one controlled by the hackers. If a user attempts to withdraw their bitcoins from the exchange, they will unknowingly send it to the hackers. As of the time of this writing, it is unclear how many bitcoins were stolen during the attack. Gate.io has stopped using StatCounter as its web analytics tool. According to CoinMarketCap, Gate.io has a daily trading volume of $47M. (ESET)

About Author

Steven Zheng is a researcher for The Block. He joined The Block in August 2018. Steven graduated from St. John’s University with a degree in economics. Previously, he covered blockchain and crypto at Radicle, a startup analytics firm. He also had brief stints at Cheddar, a media startup, and Bowery Capital, a venture capital firm. He owns bitcoin. Follow Steven on Twitter at: @Dogetoshi

More by Steven Zheng