RATE Group | StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack • The R…
48331
post-template-default,single,single-post,postid-48331,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack • The R…

08 Nov StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack • The R…

Posted at 06:40h in Bitcoin News by

[ad_1]

This week’s hijacking of StatCounter’s JavaScript to swipe Bitcoins from a crypto-coin exchange was the result of a web cache poisoning attack, apparently.

The cyber-heist, in which a malicious snippet of JavaScript code was inserted into StatCounter’s tracking script, which websites embed in their pages to monitor visitor traffic, was part of a larger attempt by hackers to intercept and redirect Bitcoin transactions taking place on the Gate.io cryptocurrency exchange.

Fortunately, security sleuths at ESET were able to clock the nasty JS being served from statcounter.com, and reported the caper.Both StatCounter and Gate.io took measures to shut down the attack soon thereafter. Gate.io said that no coins were actually stolen.

But how was the attack possible? StatCounter told The Register that, rather than its servers being directly compromised to sling out bad JS on Gate.io, miscreants poisoned one of…

[ad_2]

Source link

Tags:
, , , , , ,