Malicious attacks that revolve around Bitcoin seem to be growing in popularity and some the largest exchanges including Gate.io are not safe from any type of malicious threat.
On November 6, 2018 Gate.io, a popular crypto exchange was forced to bring down their Statcounter analytics because of the breach in its scripting. The exchange was very quick to remove the malicious code from its script but the breach compromised a number of visitors and their training habits.
There are many traders that depend on cryptocurrency exchanges for accessing news on cryptocurrency as well as to access and trade cryptocurrency. Hackers were able to breach their way into the website using Statcounter which is an application that the platform was using for tracking its analytics. By infecting the java script code on the website through Statcounter they were able to seamlessly inject malicious code into the existing script of the site that was very difficult to spot.
The most concerning thing about this hack is that a small piece of code embedded into the java script stat tracker was actually bringing customers directly to the withdrawal screen for Bitcoin. Adding the new script element to the webpage ensured that many users were targeted on the platform.
Luckily the script was stopped before it was able to unpack and cause trouble for some users. As the exchange has nearly 10,000 people using it almost every day, the targeted hack could have affected a considerable amount of business for the exchange. It’s estimated that around $1.6 million in transactions occur on Gate.io on a daily basis and if the hack was able to fully execute all of the funds that were transmitted during regular daily trade would have been withdrawn from Bitcoin accounts.
If hackers target a single cryptocurrency on a platform like this one it could lead to a considerable loss for a major currency exchange as well as for its users. A payload that is delivered in a simple hack like this that gets unpacked could have a massive malicious intent for a crypto exchange. With even more intelligent is that it could grow more difficult to track the perpetrator as scripts like these are designed to generate new Bitcoin addresses which then launder the money and send it out to multiple accounts all before it converges on one source.
These types of attacks are highly scripted and extremely well protected. They’re difficult to spot and they can heavily compromise a website. Security is of the utmost concern for any type of crypto exchange. Gate.io was able to respond in a very quick format when they discovered the potential hack and this is why it is so crucial that if you are going to be trading in cryptocurrency that you use an exchange that is trusted with an advanced technical team.