Compromised Traffic Counter Features in New Kind of Exchange Hack

written by

Code Injected Into Traffic Counter In New Type Of Cryptocurrency Exchange Hack

Support free journalists: > send a tip

In a new type of hack, malicious code was injected into a website traffic analysis app called StatCounter in order to steal Bitcoins from users. currently has a daily trading volume in excess of USD 20 million, but was near USD 35 million before the information about this hack was published. That being said, it appears and StatCounter have been fixed and are safe to use at this point.

StatCounter is one of the more popular website traffic analysis tools, with 2 million websites and 10 billion pages analyzed per month. Websites that use StatCounter place a snippet of java code on their web pages. Hackers exploited this piece of code and injected their own malicious code, placing all 2 million websites that use StatCounter at risk.

The malicious code checks for ‘myaccount/withdraw/BTC’ in the URL; if it finds this then it downloads another piece of malicious code from, which is spelled very similar to to avoid detection. The only website that has this URL out of all 2 million StatCounter websites is, making it clear this hack was aimed at the exchange.

This second piece of code replaces the destination Bitcoin address chosen by users with the Bitcoin address of the hacker at the moment they submit an external Bitcoin transfer. Further, the malicious code increases the send to the daily withdrawal limit for the user, depending on how much Bitcoin is in their account.

This made the losses from this hack very hard to track since as far as was concerned, they sent the Bitcoin to an external address as usual; only the user would know that they did not receive their Bitcoins. As the hackers changed their Bitcoin address every time a user hit submit, there is no central Bitcoin address that can be viewed to see the total losses.

This is the latest evidence to show that hackers are becoming more sophisticated and creative, developing new ways to hack cryptocurrency exchanges.


Follow on Twitter: @bitcoinnewscom

Telegram Alerts from

Want to advertise or get published on – View our Media Kit PDF here.

Image Courtesy: pixabay

Help spread this article :) is NOT INVESTMENT ADVICE

Opinions expressed are entirely their own and do not necessarily reflect those of

For informational purposes only. Individuals and entities should not construe any information on this site as investment, financial, legal, tax, accounting or other advice. Information provided does not constitute a recommendation or endorsement by to buy or sell bitcoin, cryptocurrencies or other financial instruments. Forecasts are inherently limited and cannot be relied upon. Do your own research and consult a professional advisor. The opinion of authors do not reflect those of 


Read More Bitcoin News


Join our Newsletter


Latest on Bitcoin News

Video of the Week

Join our Newsletter