黑客通过比特币窃取恶意软件感染近700,000个网站
加密货币黑客攻击了互联网上最常用的流量分析服务之一StatCounter,以便吸收比特币$ BTC ▼0.59% 来自在线交易平台Gate.io的用户。
在一次有针对性的攻击中,黑客违反了StatCounter,超过688,000个网站被抓获加载恶意脚本,ZDNet 报告。
StatCounter非常类似于Google Analytics,因为它可以分析流经网站的互联网流量。网站管理员必须在他们的网站上添加特殊的StatCounter代码才能获得统计数据,这是黑客似乎利用的一个方面,可以尽可能广泛地传播他们的恶意代码。
该攻击重定向了加密货币交易者的比特币,特别是当Gate.io用户撤回或转移他们的比特币时。代码只是用黑客拥有的地址替换了输入页面的任何比特币地址。
来自斯洛伐克网络安全公司ESET的安全研究人员是第一个发现该漏洞的人,它将其描述为"供应链攻击"。
ESET指出,虽然有近百万个网站受到影响,但整个威胁似乎已经局限于一个特定的URL域:Gate.io,一个加密货币交易所,目前每天处理价值超过170万美元的比特币。
根据ESET,恶意代码实际上不会做任何事情,除非链接包含特定的字符串:"myaccount / withdraw / BTC。"研究人员发现Gate.io是唯一一个使用包含此字符串的URL的网站。
尽管存在持续数天的安全漏洞,但很难说有多少人受到了这次攻击的影响,甚至很难说黑客能够躲过多少人。
ESET注意到脚本每次运行时都会自动生成一个新的比特币地址。这有效地抵消了以有意义的方式将比特币交易联系在一起的能力,这令人沮丧地保护了攻击者的身份。
Gate.io 表示将从其网站上删除 StatCounter。它还 敦促用户启用双因素身份验证和两步登录保护。
{"weixin":{"label":"微信","name":"weixin","selected":true,"value":true,"sortid":"1","shareid":"weixin","sharetitle":"分享到微信","event":"shareToWeiXin","lang":"shareWeb_WeiXin"},"copy":{"label":"复制网址","name":"copy","selected":true,"value":true,"sortid":"2","shareid":"copy","sharetitle":"复制网址","event":"copy_url","lang":"shareWeb_Copy"},"qq":{"label":"QQ好友","name":"qq","selected":true,"value":false,"sortid":"1","shareid":"qq","sharetitle":"分享到QQ","event":"shareToQQ","lang":"shareWeb_QQ"},"sina_weibo":{"label":"新浪微博","name":"sina_weibo","selected":true,"value":true,"sortid":"4","shareid":"sina_weibo","sharetitle":"分享到新浪微博","event":"shareToSinaWB","lang":"shareWeb_SinaWeiBo"},"qq_zone":{"label":"QQ空间","name":"qq_zone","selected":true,"value":true,"sortid":"5","shareid":"qq_zone","sharetitle":"分享到QQ空间","event":"shareToQzone","lang":"shareWeb_QQZone"},"renren":{"label":"人人网","name":"renren","selected":true,"value":true,"sortid":"7","shareid":"renren","sharetitle":"分享到人人网","event":"shareToRenren","lang":"shareWeb_RenRen"},"douban":{"label":"豆瓣网","name":"douban","selected":true,"value":true,"sortid":"8","shareid":"douban","sharetitle":"分享到豆瓣网","event":"shareToDouban","lang":"shareWeb_DouBan"},"baidu_tieba":{"label":"百度贴吧","name":"baidu_tieba","selected":true,"value":true,"sortid":"10","shareid":"baidu_tieba","sharetitle":"分享到百度贴吧","event":"shareToTieba","lang":"shareWeb_TieBa"},"Facebook":{"label":"Facebook","name":"Facebook","selected":true,"value":true,"sortid":"11","shareid":"Facebook","sharetitle":"分享到FaceBook","event":"shareToFacebook","lang":"shareWeb_Facebook"},"Twitter":{"label":"Twitter","name":"Twitter","selected":true,"value":true,"sortid":"12","shareid":"Twitter","sharetitle":"分享到Twitter","event":"shareToTwitter","lang":"shareWeb_Twitter"},"LinkedIn":{"label":"LinkedIn","name":"LinkedIn","selected":true,"value":true,"sortid":"13","shareid":"LinkedIn","sharetitle":"分享到linkedIn","event":"shareToLinkedin","lang":"shareWeb_Linkedin"},"whatsapp":{"label":"whatsapp","name":"whatsapp","selected":true,"value":true,"sortid":"15","shareid":"whatsapp","sharetitle":"分享到whatsapp","event":"shareToWhatsapp","lang":"shareWeb_whatsapp"},"line":{"label":"line","name":"line","selected":true,"value":true,"sortid":"15","shareid":"line","sharetitle":"分享到line","event":"shareToLine","lang":"shareWeb_line"},"qq_weibo":{"label":"腾讯微博","name":"qq_weibo","selected":true,"value":true,"sortid":"3","shareid":"qq_weibo","sharetitle":"分享到腾讯微博","event":"shareToQQwb","lang":"shareWeb_QQWeiBo"},"peopleBlog":{"label":"人民微博","name":"propleBlog","selected":true,"value":true,"sortid":"14","shareid":"propleBlog","sharetitle":"分享到人民微博","event":"shareToPeopleBlog","lang":"shareWeb_peopleBlog"}}
