Nearly 700,000 websites are hacked in bid to steal cryptocurrency

russia hotel wi fi hack hacking hacker lifestyle pc keyboard
pwstudio/123RF

Popular web analytics platform Statcounter experienced a breach on November 3, according to research from malware researcher Matthieu Faou. Up to 700,000 web pages were targeted in the hack which primarily aimed to steal cryptocurrency through a malicious script.

Per the report, through the script was loaded on many websites, there is nothing much to fear. The malicious Statcounter script behind the attack primarily targeted the cryptocurrency exchange Gate.io to generate Bitcoin addresses. Only if the URL or content in a given webpage contained references to “myaccount/withdraw/BTC” would the malicious script activate and then silently connect to the exchange to fill the hackers’ pockets with money.

“Attackers modified the script at www.statcounter[.]com/counter/counter.js by adding a piece of malicious code. … In the middle of the script. This is unusual, as attackers generally add malicious code at the beginning, or at the end, of a legitimate file. Code injected into the middle of an existing script is typically harder to detect via casual observation,” explains Faou.

The breach was pretty clever and is still live, as all websites running Statcounter need to add a specific code to a website in order to grab more information about users. Hackers clearly leveraged that to their advantage even though the Gate.io service used in the script now claims it doesn’t use Statcounter anymore.

It is still unknown how many end users were truly impacted by this attack, or how much money hackers made. Statcounter has yet to issue a public response, but Gate.io issued a lengthy statement on its website.

“On Nov. 6, 2018, we got the notice from ESET researcher’s report and the “ESET Internet Security” product that there’s a suspicious behavior in Statcounter’s traffic stats service. We immediately scanned it on Virustotal in 56 antivirus products. No one reported any suspicious behavior at that time. …  However, we still immediately removed the Statcounter’s service. After that, we didn’t find any other suspicious behaviors. We want to express our great appreciation and respect to the researcher from ESET Malware Researcher,” said Gate.io.

Cryptocurrency hacks are becoming more common as Bitcoin and Ethereum pick up value. The hack also raises concerns about the nature of external Javascript, since it can easily be modified. Similar cryptocurrency focused hacks have occurred in the past, particularly with Adobe Flash installers.

Emerging Tech

How Super Mario, Magic: The Gathering, and PowerPoint are low-key supercomputers

What if the creators of Super Mario World, PowerPoint, and even Magic: The Gathering had accidentally created tools hiding a general-purpose computer in plain sight? Turns out they have.
Movies & TV

The best shows on Netflix right now (May 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.
Movies & TV

Prime-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Computing

The Dell XPS 13 headlines the best laptop deals for May 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we have you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Computing

HP drops killer deals on laptops with up to $1,300 off for Memorial Day Weekend

HP is currently dropping prices on Spectre x360, Envy, Pavilion, and Omen laptops during its Memorial Day event. So if you're in dire need of a new laptop, the latest holiday savings may be exactly what you're looking for.
Computing

Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will be holding a pre-Computex keynote on May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.
Computing

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.
Computing

These external drives have speed, durability, and storage space to spare

Whether you want an external storage drive that is fast, portable, or comes with a ton of storage, these are the best external hard drives available today. They all come with great features and competitive pricing.
Computing

The 2019 ThinkPad lineup is robust. Here's how to pick the right one for you

Be it the X series, the T series, E series, it can be tough to find the best Lenovo laptop that is right for you. To help, we'll break down all the options available to make your choice a more informed one.
Computing

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.
Computing

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.
Computing

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.
Mobile

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.