Nearly 700,000 websites are hacked in bid to steal cryptocurrency

russia hotel wi fi hack hacking hacker lifestyle pc keyboard
pwstudio/123RF

Popular web analytics platform Statcounter experienced a breach on November 3, according to research from malware researcher Matthieu Faou. Up to 700,000 web pages were targeted in the hack which primarily aimed to steal cryptocurrency through a malicious script.

Per the report, through the script was loaded on many websites, there is nothing much to fear. The malicious Statcounter script behind the attack primarily targeted the cryptocurrency exchange Gate.io to generate Bitcoin addresses. Only if the URL or content in a given webpage contained references to “myaccount/withdraw/BTC” would the malicious script activate and then silently connect to the exchange to fill the hackers’ pockets with money.

“Attackers modified the script at www.statcounter[.]com/counter/counter.js by adding a piece of malicious code. … In the middle of the script. This is unusual, as attackers generally add malicious code at the beginning, or at the end, of a legitimate file. Code injected into the middle of an existing script is typically harder to detect via casual observation,” explains Faou.

The breach was pretty clever and is still live, as all websites running Statcounter need to add a specific code to a website in order to grab more information about users. Hackers clearly leveraged that to their advantage even though the Gate.io service used in the script now claims it doesn’t use Statcounter anymore.

It is still unknown how many end users were truly impacted by this attack, or how much money hackers made. Statcounter has yet to issue a public response, but Gate.io issued a lengthy statement on its website.

“On Nov. 6, 2018, we got the notice from ESET researcher’s report and the “ESET Internet Security” product that there’s a suspicious behavior in Statcounter’s traffic stats service. We immediately scanned it on Virustotal in 56 antivirus products. No one reported any suspicious behavior at that time. …  However, we still immediately removed the Statcounter’s service. After that, we didn’t find any other suspicious behaviors. We want to express our great appreciation and respect to the researcher from ESET Malware Researcher,” said Gate.io.

Cryptocurrency hacks are becoming more common as Bitcoin and Ethereum pick up value. The hack also raises concerns about the nature of external Javascript, since it can easily be modified. Similar cryptocurrency focused hacks have occurred in the past, particularly with Adobe Flash installers.

Computing

Smishing sounds funny, but it’s a serious threat to your phone’s security

We all know phishing is a huge security problem, but most people still believe it’s a problem limited to email. According to new reports, however, phishing scams are attempting to exploit your trust in text messages.
Computing

These are the 5 best free antivirus apps to protect your MacBook

Malware protection is more important than ever, even if you eschew Windows in favor of Apple's desktop platform. Thankfully, protecting your machine is as easy as picking from the best free antivirus apps for Mac suites.
Gaming

Owners of ROM sites ordered to pay Nintendo more than $12 million

An federal court judge in Arizona has awarded Nintendo more than $12 million in damages in its lawsuit with the owners of two popular ROM websites. The sites must also be transferred to Nintendo's control.
News

Zoom in on famous works through the Art Institute of Chicago’s new website

Art lovers, listen up. The Art Institute of Chicago has given its website a serious makeover with new features that let you get up close and personal with more than 50,000 artworks by famous (and not so famous) artists.
Emerging Tech

Intel’s new ‘neural network on a stick’ aims to unchain A.I. from the internet

To kick off its first developer conference in Beijing, Intel unveiled the second generation of its Neural Compute Stick -- a device that promises to democratize the development of computer vision A.I. applications.
Computing

Convert your PDFs into convenient Word documents

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.
Product Review

If the Surface Studio 2 can't win over Mac fans, nothing can

Most creative professionals are staunchly planted in the Apple camp, but with the Surface Studio 2, Microsoft is making a serious attempt to win them over. Despite its niche appeal, you’ll wish you had a few grand to drop on this beauty.
Computing

These laptop makers produce the most reliable, quality hardware today

If you want to buy your next laptop based around a specific brand, it helps to know which the best brands of laptops are. This list will give you a good grounding in the most reliable, quality laptop manufacturers today.
Deals

All the best Amazon Black Friday deals for 2018

Amazon may be an online-only retailer, but that doesn’t mean its Black Friday sales are anything to sniff at. In fact, due to its online status, Amazon has huge flexibility with the range of products and deals it can offer. Here's our…
Deals

Here are the best laptop deals for November 2018

Whether you've started a new school year, are shopping for a student, or you just need a new computer, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Computing

Recover your beloved data with these great software tools

The best data recovery software isn't always free, but whether you've lost files on a hard drive, SD card, or even physical media like CDs and DVDs, there's a chance they'll be able to get that data back.
Computing

If the speed of AMD’s Radeon RX 590 doesn’t entice you, the game bundle will

AMD's Radeon RX 590 is a new video card that targets 1080p gaming at maximum detail. Starting at $280, it fills a gap between the Radeon RX 580 and the more expensive Radeon RX Vega. AMD says the new RX 590 can beat Nvidia's GTX 1060 Ti.
Computing

Microsoft Surface Studio 2: Everything you need to know

Microsoft's Surface Studio 2 comes with a new CPU, new graphics card, and a brighter display -- but is all of that worth the higher cost? Here's everything you need to know about the Surface Studio 2.
Computing

Want to use one drive between a Mac and Windows PC? Partitions are your best bet

Compatibility issues between Microsoft Windows and Apple Mac OS X may have diminished sharply over the years, but that doesn't mean they've completely disappeared. Here's how to make an external drive work between both operating systems.