JavaScript Malware is not a new concept for those in the cybersecurity space, but lately, it’s been wreaking havoc in crypto. Crypto exchange sites have fallen victim to JavaScript malware costing many millions of dollars in crypto assets. Part of the reason why the malware continues to be successfully used as a hacking tool is because it can be directly injected into legitimate websites. JavaScript is used to create an interactive web browsing experience. But because online browsing is one of the main habits of users, hackers exploit this by injecting malware directly into the websites they browse. Hackers love this crafty method because their victims aren’t aware of anything until they have been hacked!
The scary aspect of JavaScript malware is that it does not require any action from the user. They can’t easily avoid JavaScript. By simply visiting a site infected by the malware, users unknowingly expose their sensitive data to hackers.
StatCounter’s recent breach is a prime example of this. Hackers were able to inject malicious code into the site’s script. Although other businesses use StatCounter’s services, hackers were only targeting Gate.io, a major cryptocurrency exchange. The malicious code only activated when visiting the subdomain myaccount/withdraw/BTC. This allowed the hackers to use multiple addresses to steal crypto assets.
Crypto exchanges have hot and cold wallets. These wallets store users’ secret keys as well as the exchange’s. Most of the keys are stored offline in vaults or on servers connected to the internet to facilitate transactions. However, just because these servers are part of the crypto exchange network, they aren’t immune to hacks. Most assume that the daily vulnerabilities users face on the web will magically disappear with blockchain technology. Although in theory blockchain is secure, access to it is not.
What happened to Gate.io could’ve have been prevented with a solution like Blocksafe’s ExchangeDefender. The ExchangeDefender works to protect the internal systems of the crypto exchange. The product protects the exchange’s computers and mobile devices from keylogging, screen capture and clickjack attacks.
Hackers keep up with the latest tech trends and are always coming up with more sophisticated hacking methods. Every four seconds, there’s a new strain of malware. That’s why, it is important for users to keep their computer systems updated, stay away from suspicious websites, and don’t click links or download attachments from suspicious emails. Hackers and their hacking methods will always be around. However, by spreading awareness and taking proactive steps to avoid hackers, users lessen their chances to be a victim of an attack.