Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Hackers successfully sandwiched crypto-stealing code into the middle of a popular web traffic-measuring plugin from StatCounter, which is now used on more than two million websites, including government sites. They have determined, however, that the rather wide swath of infections may have been designed to eventually infect cryptocurrency trading sites, and that the scheme did, in fact, infect popular crypto-trading site Gate.io. By situating the code in the middle of StatCounter’s downloadable javascript web traffic analysis tool, hackers made it harder to detect. Attack method (per SlowMist): Malicious Code Injection Attack. Reported loss: -.
- chain
- —
- protocol
- GATE.IO
- bug_class
- unknown
- date_occurred
- 2018-11-07
- loss_usd
- —
- source_id
- sm:gate-io::2018-11-07