One of the largest cryptocurrency exchanges, gate.io, was targeted by a third-party (supply-chain) attack. The attackers inserted malicious code into a web analytics tool called StatCounter to steal bitcoins from gate.io.
A sophisticated attack with one goal: BTC theft
As the latest ESET research reveals the details of the attack, we see that it is sophisticated and directly targets gate.io, although it could have targeted many other companies that use the same StatCounter web analytics tool.
Image adopted from ESET research.
As expected, the one used in this attack, namely statconuter[.]com, is on our list. Even with a basic proactive approach of checking possible phishing domains of StatCounter, this attack might have been avoided.
- Use subresource integrity, a security feature which enables browsers to verify that resources they fetch are delivered without unexpected manipulation.
- Monitor your cyber risk for third-party attacks. The victim of a software supply-chain attack might be one of your third-party vendors, and the attack may spread to you.
- Use IDS/IPS systems to detect anomalies in your system.
- Patch management is also crucial to avoid such attacks.
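
An added example (not from the original post or from ESET) tying together the lookalike-domain check and the subresource integrity advice above: it audits a page's external script tags for a missing integrity attribute and for hosts that are near-misses of an allowlisted one, as statconuter[.]com is of statcounter.com. The allowlist, the sample HTML, its paths and cdn.example.net are assumptions; `sri_value` computes the string to place in a script tag's `integrity` attribute.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page; the paths and cdn.example.net are placeholders.
SAMPLE_HTML = """
<script src="/js/app.js"></script>
<script src="https://www.statcounter.com/constructed/counter.js"></script>
<script src="https://www.statconuter.com/constructed.js"></script>
<script src="https://cdn.example.net/lib.js" integrity="sha384-PLACEHOLDER"></script>
"""
TRUSTED = {"statcounter.com", "cdn.example.net"}  # assumed allowlist

def sri_value(body: bytes) -> str:
    """Value for a script tag's integrity attribute (SHA-384, base64)."""
    return "sha384-" + base64.b64encode(hashlib.sha384(body).digest()).decode()

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: swapping two adjacent letters costs 1."""
    d = [[i + j if i * j == 0 else 0 for j in range(len(b) + 1)] for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            d[i][j] = min(d[i-1][j] + 1, d[i][j-1] + 1, d[i-1][j-1] + (a[i-1] != b[j-1]))
            if i > 1 and j > 1 and a[i-1] == b[j-2] and a[i-2] == b[j-1]:
                d[i][j] = min(d[i][j], d[i-2][j-2] + 1)
    return d[-1][-1]

def audit_scripts(html: str, trusted: set) -> list:
    """Flag external scripts that lack SRI or load from an unlisted/lookalike host."""
    scripts = []
    class Collector(HTMLParser):
        def handle_starttag(self, tag, attrs):
            a = dict(attrs)
            host = urlparse(a.get("src") or "").hostname if tag == "script" else None
            if host:  # relative (same-origin) and inline scripts are skipped
                scripts.append((host.removeprefix("www."), bool(a.get("integrity"))))
    Collector().feed(html)
    findings = []
    for host, has_sri in scripts:
        if host in trusted:
            if not has_sri:
                findings.append((host, "trusted host, no integrity attribute"))
            continue
        near = [t for t in sorted(trusted) if edit_distance(host, t) <= 2]
        findings.append((host, f"lookalike of {near[0]}" if near else "host not on allowlist"))
    return findings

if __name__ == "__main__":
    print(*audit_scripts(SAMPLE_HTML, TRUSTED), sep="\n")
```

Subresource integrity only fits resources whose bytes are pinned: a vendor script that is updated in place will fail the browser's check until the hash in the tag is regenerated.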