The script at www.statcounter  com/counter/counter. js was changed by the enemies to include a piece of code in the middle of the manuscript. Usually hackers include code at the start or at the end of the manuscript. Including code in the middle of a script can prevent detection as a dubious code in the middle of the script is harder to determine.
The item of code included by the hackers was configured to detect any kind of URL which contains myaccount/withdraw/BTC. This indicates that hackers were attempting to steal Bitcoin from a platform which traded Bitcoin. After effective recognition of the desired URL, the manuscript will add a brand-new script element to the webpage connected to the LINK as well as fuse the code at https://www.statconuter  com/c. php.
Hacking done the wise means
The domain name made use of by the cyberpunks is extremely comparable to the original domain name. The cyberpunks have flipped two letters from StatCounter, which makes it harder to find the harmful manuscript. According to the record this domain name has been suspended in 2010 therefore spam as well as misuse.
The study located that the LINK, myaccount/withdraw/BTC, targeted by the code was energetic on just one page and also the page came from Gate.io, a crypto exchange. Consequently, the research wraps up that Gate.io was the major target of the hack. Gate.io features over a million bitcoin transactions suggesting that the robbing Bitcoins from the exchange walking stick be profitable.
The website https://www.gate  io/myaccount/withdraw/ BTC is utilized to move bitcoin from a gate.io account to an exterior Bitcoin address. During the second action in the deal procedure when the customer clicks the send button for the withdrawal, the destructive manuscript will change the destination Bitcoin address. The cyberpunks seem have actually elevated the ante by transforming the Bitcoin address with each transaction making it hard to recognize the number of Bitcoins moved to phony addresses.