Web Injects Used to Steal Bitcoin Money

With the increased use of cryptocurrency, hackers have started employing the use of Web injects to intercept payments and acquire user information.  Of course when it comes to hacking there are many ways, but this report is intended to inform readers of how Web injects work and why they can be hard to identify.  What a Web inject does is while the page loads, malware that changes the web page before the user sees it.  In this article, two website Web injects are used for Coinbase and Blockchain.info.  With Coinbase, the inject disables the enter key forcing the user to press a fake submit button, thus giving the user credentials to the hacker.  Likewise, the Web injects for Blockchain.info changes the web page so that the payment transaction goes to the hacker.

In the future, the use of online websites for bitcoin transactions (or payment transactions in general) will continue to increase.  A study claimed that by 2024, the number of bitcoin users will reach 200 million (RT news).  Therefore, hackers will always try to exploit the user’s information.  So in the future, companies with online payment platforms and bitcoin wallets will need to continue to research hacker attacks and stay up to date with security.  Also, users should be more aware of the how hackers use Web injections.  So for example, if a button does not work or there is a strange error, they should notify the companies.  This is all that companies and users can really do in this situation.  Just continue to develop security tools and pay attention to details on the webpages.

-Jamie Smith