There have been notable attacks that compromised funds of users on crypto exchanges. In the last year and a half, hacking incidents have already stolen around $800 million worth of cryptocurrencies according to a study. And in reality, this is far from stopping.
StatCounter, a website that functions like Google Analytics, allowing websites to have a clear idea about their traffic, has been compromised. So what is the extent of the damage? Hackers were able to affect over 688,000 websites. They were loading a malicious script. However, despite the thousands of websites that were affected, it only targeted one website which is the crypto exchange Gate.io.
Since StatCounter works almost the same as Google Analytics, webmasters should add a special StatCounter code into their code in order to have an idea about their statistics. and this is where the malicious code does its harm.
Supply-Chain Attack
What the code does is redirect the Bitcoin of crypto traders whenever users transfer or withdraw Bitcoin on Gate.io. The code replaces the Bitcoin address that is entered into the page to the other one that is owned by the hackers. Slovakian cybersecurity company ESET discovered this and described it as “supply-chain attack”.
ESET mentioned that close to million websites were affected. However, the focus is clearly Gate.io. The crypto exchange has been handling over $1.7 million worth of Bitcoin every day. And also, the code isn’t exactly doing anything if the users are not withdrawing or transferring Bitcoin. It only acts when the link has the string: “myaccount/withdraw/BTC”. And the code simply generates a new address once this has been seen.
According to Gate.io, they will be removing the StatCounter website in order to prevent this problem from happening again. Also, they urged their users to have a two-factor authentication and two-step login protection. Unfortunately, there were no numbers released how much the hackers were able to get away with from the attack.
Regulatory Challenges and Hacking Incidences
Hacking is a serious problem that the crypto industry has to deal with. Millions have already been stolen from users and crypto exchanges over the years. With no clear guidelines to police the crypto industry in different parts of the world, it can get tricky. In fact, it is the reason why Japan has decided to implement regulatory changes that would impose stricter rules on crypto exchanges.
Japan even decided to have a crypto exchange association to police the industry. These are all meant to ensure that their client funds are protected. Despite the hundreds of exchanges looking to enter Japan, the country hasn’t allowed new crypto exchanges to enter the country. In fact, with the new rules, even Kraken decided to leave.
Considering hacking as a common problem, it has also stopped institutional investors from entering the market. And this is the reason why custodial services are becoming an important piece of the puzzle along with regulatory clarity.
Many believe that regulatory clarity is needed by the industry despite causing the crypto market to go bearish this year. With necessary protection slowly being imposed by regulators, could there be a bull run in the coming months?