Gate.io Targeted By Hackers Through Web Analytics Tool
Despite the threat, Gate.io customers have been assured that their funds are safe and they can trade accordingly. The increased security of exchanges is among the key features that are set to propel adoption of cryptocurrencies.
Gate.io Security Breach Contained In Time
Gate.io crypto exchange platform has been targeted by attackers. Reports indicate that the exchange was targeted through a web analytics system by as of yet unidentified hackers.
Details about the attempted hack were published by ESET, a cybersecurity firm. The attackers are said to have attempted to compromise an analytics tool on the Irish based web analytics site StatCounter. The hackers are believed to have been eying bitcoins owned by clients on the exchange.
The hackers successfully introduced malware into the StatCounter systems. They also managed to set up a copycat domain of StatCounter. In setting up the duplicate domain, they changed two characters and came up with StatConuter. Such a swap can be tough for anybody to spot in the event they are looking for any suspicious activity. ESET states that the domain was suspended about eight years over violation of policies.
Data provided by StatCounter shows that the platform has over two million sites running its programs. Unfortunately, the fake domain was used by some websites. However, Gate.io appears to be the only targeted website.
According to the analysis report, the script was after a specified URI dubbed “my account/withdraw/BTC”. A review of the exchange platforms shows that its only Gate.io platform that had a valid URI similar to the one released by the hackers.
The address was deployed by Gate.io to move BTC from its own reserve to an outside bitcoin address. The script by hackers replaced the bitcoin destination with one owned by the hackers, thus allowing them to abscond with the BTC.
With the new illegitimate domain, the server comes up with a new crypto address, whenever a user loads the hacker script, it becomes difficult to determine the number of bitcoins that have been moved to the hackers
Gate.io was notified about the threat by ESET. The exchange made a public announcement stating that the hack script had been successfully deleted and users were free to trade. The exchange stated that funds were not tampered with.
Gate.io is ranked in 38th position according to data provided by CMC. Gate.io is believed to be located in the Cayman Islands.